A sophisticated social engineering campaign successfully tricked several prominent crypto news outlets into promoting a fabricated $10 million Uniswap airdrop on February 16. The scammer, posing as a representative of the Uniswap Foundation, provided coordinated publicity in conjunction with the legitimate Uniswap v4 announcement.
CryptoSlate declined to cover the airdrop because of concerns about possible malicious changes to the tracking links after publication. While Uniswap’s v4 announcement turned out to be realthe associated airdrop was exposed as a scam.
The scammer painstakingly built credibility by citing a conversation with “Uniswap’s VP of Communications” and proposing favorable payment coverage. This level of coordination suggests an evolution in the tactics used by scammers targeting the crypto media space.
As the conversation about a possible partnership continued, the scammer began to increase the complexity of their duplicity. Below is a spoofed screenshot of an email sent to CryptoSlate to prove the legitimacy of the campaign.
But when assessing the content, CryptoSlate identified the use of tracking links using redirects instead of typical UTM parameters, meaning the links could be changed at any time to point to any website, requiring the publication to change the content.
The scammer was confronted, after which further communication stopped. The company involved in the scam is registered in the United Kingdom, one of the top three countries for crypto crime in 2023.
Uniswap airdrop scam claims
The article in question, successfully published on numerous crypto media sites, falsely claimed the launch of Uniswap V4 and a $10 million UNI airdrop. It contained genuine links to the Uniswap website, which were then changed to point to a phishing site after Uniswap made the actual announcement.
Specifically, it reported a lavish $10 million UNI airdrop to celebrate the launch of the V4. It described it as a first-come, first-served initiative to reward the community and attract new users. This move was presented as a strategy to democratize financial participation and engage users. This is in contrast to legitimate airdrops that are conducted based on previous wallet activity, and not on a first-come, first-served basis.
The real news, on the other hand, highlights the Uniswap Foundation’s announcement of the tentative launch date for Uniswap V4 after the Ethereum Dencun upgrade. The real announcement focuses on the development phases, including core code completion, testing, gas optimization, and security improvements. It mentions a community audit competition and testnet deployment as preparatory steps for the final launch on the Ethereum mainnet, tentatively scheduled for Q3 2024.
Although no financial losses to readers have been reported at the time of writing, this incident erodes trust. For reputable news media, maintaining credibility is of the utmost importance. In the aftermath, crypto media and industry observers will take a closer look at the measures needed to protect against increasingly sophisticated social engineering scams.
This incident highlights the risks inherent in the fast-paced crypto news cycle. Publishers face increasing pressure to publish impactful stories quickly, but must thoroughly investigate potential sources. The scammer’s use of self-destructing messages adds an extra layer of security, hindering post-incident investigations.
It serves as a poignant reminder of the due diligence required in crypto reporting. In this case, the fraudulent airdrop scheme closely coincided with a major legitimate product announcement, increasing its plausibility. Journalists are advised to maintain a healthy skepticism and apply rigorous verification techniques even when faced with seemingly urgent and tempting opportunities.
