Uniswap Founder Issues Warning on ENS Wallet Impersonation Scam
Founder Hayden Adams alerts the community to a deceptive scheme exploiting Ethereum Name Service.
Hayden Adams, the visionary behind the decentralized exchange Uniswap, has sounded an alarm within the cryptocurrency community regarding a scam utilizing wallet addresses masquerading as Ethereum Name Service (ENS) domains.
On February 14, Adams took to X to share a cautionary note about scammers attempting to impersonate his Ethereum wallet. He detailed how the fraudsters duplicated and registered his wallet address as an ENS wallet with a .eth extension. Additionally, Adams pointed out that pasting his wallet address into certain user interfaces would yield an ENS match unrelated to his actual address, appearing as the top search result.
This deceptive tactic aims to confuse those sending digital assets, potentially causing them to send cryptocurrency to an incorrect address rather than the intended recipient. Adams urged user interfaces to implement filters to mitigate the risk of losses stemming from this attack vector.
Although this scam vector may seem novel, Taylor Monahan, the founder of Ethereum wallet manager MyCrypto, highlighted in a post that a similar approach was employed in the early days of the MyEtherWallet service. Monahan noted that it disrupted registrations and resolutions for names beginning with "0x" during that period.
Nick Johnson, the founder and lead developer of ENS, also commented on this scam vector, emphasizing that interfaces should refrain from autocompleting names. Johnson deemed this practice "far too dangerous" and clarified that ENS discourages it in its user experience guidelines.
In a parallel development, crypto investors reported receiving deceptive emails from scammers posing as prominent Web3 companies in January. On January 23, scammers orchestrated an extensive email campaign promoting fraudulent airdrops, disguising themselves as entities like Cointelegraph, WalletConnect, Token Terminal, and other reputable crypto firms.
Subsequent investigations revealed that the phishing attack resulted from a security breach at the email marketing firm MailerLite. On January 24, the firm confirmed that hackers gained control of Web3 accounts through a social engineering attack. Nansen's research team estimated that the scammer's phishing wallet amassed around $3.3 million in inflows since the commencement of the campaign.
(Photo Source / Blockonome)
Comments