Uniswap founder warns community about ENS wallet impersonation scam


Article Contents

In This Article

Hayden Adams, the founder of decentralized exchange (DEX) Uniswap, has warned the crypto community about a scam using wallet addresses as Ethereum Name Service (ENS) domains.

On Feb. 14, Adams shared a warning on X about scammers impersonating his Ethereum wallet. The executive explained that the scammers copied and registered his wallet address as an ENS wallet with .eth. Furthermore, the Uniswap founder said pasting his wallet address in some user interfaces would show an ENS match unrelated to his address as the top search result.

f15c4da3 adcb 49a3 a587 dcdfdda4f174
Demonstration of a scam address imitating a legitimate one with a .eth domain. Source: Hayden Adams

The scam seems designed to confuse digital asset senders who may accidentally send their crypto to the wrong address instead of the correct recipient. Adams urged user interfaces to filter out such addresses to avoid any losses from the attack vector.

While the scam vector looks pretty new, Taylor Monahan, the founder of Ethereum wallet manager MyCrypto, said in a post that the same scam vector was used in the early days of the MyEtherWallet wallet service. Monahan added that it broke registrations and resolutions for names beginning with “0x” at the time.

ENS founder and lead developer Nick Johnson also commented on the scam vector, saying that interfaces should not autocomplete names. The developer said that this was “far too dangerous” and that ENS advises against it in its user experience guidelines.

Related: Crypto is rife with impersonation scams, don’t let them steal your money

Meanwhile, crypto investors reported receiving emails from scammers impersonating major Web3 companies in January. On Jan. 23, scammers facilitated a wide-scale email campaign that promoted fake airdrops while pretending to be from firms like Cointelegraph, WalletConnect, Token Terminal and other crypto companies.

It was later determined that the phishing attack was caused by a security breach at the email marketing firm MailerLite. On Jan. 24, the firm confirmed that hackers gained control of Web3 accounts through a social engineering attack. Analytics platform Nansen’s research team estimated that the scammer’s phishing wallet received inflows of about $3.3 million since the campaign started.

Magazine: Scam AI ‘kidnappings’, $20K robot chef, Ackman’s AI plagiarism war: AI Eye