Main navigation

Scam Alert: Cryptocurrency Wallets Getting Drained After Approving This Airdrop

Fri, 23/07/2021 - 16:10
Scam Alert: Cryptocurrency Wallets Getting Drained After Approving This Airdrop
Cover image via
Read U.TODAY on
Google News

After being attacked by a white hat hacker earlier today, cross-chain protocol Thorchain is once again in the spotlight because of yet another exploit on its codebase.

According to multiple user reports, a bad actor is currently airdropping UNI Holding (UniH) tokens to a slew of addresses.

If the airdrop gets approved for swapping, the victim's wallet gets drained because of a quirky function called transferTo.


It creates a vulnerability that allows malicious actors to steal tokens by intercepting tx.origin, which is a variable in the Solidity programming language that returns the address of the sender. In plain words, it makes it possible for someone to send tokens from your own wallet on your behalf.

The hacker has stolen $72,659 worth of RUNE tokens as of press time.

Users are encouraged to be mindful when approving suspicious tokens that happen to be airdropped to their wallets.

U.K. Man Involved in Hacking Elon Musk's Twitter Account Arrested in Spain

When it rains, it pours

On July 23, Thorchain—which allows seamless swapping of numerous cryptocurrencies —acknowledged that it had suffered "a sophisticated attack" and had lost $8 billion. A benevolent hacker wanted to teach the project a lesson, claiming that the fallout from the attack could be much worse in his note:

Do not rush code that controls 9 figures.

Earlier this July, the Thorchain project also endured a $5 million exploit.

The wallet-draining airdrop has only extended its streak of bad luck.


Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles