Uniswap Founder Warns of New Scam Targeting Crypto Wallet Users

Crypto SCAM uniswap wallet 2024-02-15 50

According to CryptoPotato, Hayden Adams, the founder of Uniswap, has warned the crypto community about a new wave of scams targeting users through deceptive user interfaces (UIs) in crypto wallets. Scammers are leveraging fake clones of Ethereum Name Service (ENS) domains to deceive users and potentially siphon funds. Adams expressed his concern on social media, stating that it was the first time he had seen this scam and wanted to alert users and interfaces.

The scam involves the fraudster purchasing an ENS domain that closely resembles a legitimate Ethereum address but substituting alphabetic characters with alphanumeric sequences. When unsuspecting users input the genuine Ethereum address into their crypto wallet UIs, these interfaces display the scammer’s address as the primary result instead of the intended recipient’s. This could lead users to send funds to the scammer’s address unknowingly. Adams stressed the importance of interfaces integrating filters to tackle these scams and advised users to proceed cautiously.

Following the post, Nick Johnson, the founder of ENS, expressed his view that interfaces should refrain from autocompleting names altogether, deeming it excessively risky. He noted that such a practice is discouraged in their user experience (UX) guidelines. ENS is a domain name system built on the Ethereum blockchain that enables users to substitute intricate Ethereum addresses with more user-friendly and understandable names such as 'myname.eth'. Scammers have previously used ENS domains to mimic major exchanges’ wallets by using a single address to register multiple ENS domains that closely resemble the hexadecimal addresses of highly active addresses. The primary aim is to intercept payments directed to these mimicked addresses, exploiting the feature of many wallets supporting ENS domains as valid destinations for asset transfers. As a result, users risk unknowingly sending assets to these fake domains with a single misclick.