An anonymous user has reportedly lost around $140,000 worth of Uniswap UNI tokens to a yield farming scam.
Yield chasers in search of the next â€œDeFi gemâ€ are falling victim to elaborate scams with rogue actors on the prowl, using cleverly devised malicious contract codes to steal funds.
From â€œrug pullsâ€ to outright absconding with presale funds, the activities of DeFi scammers are threatening to overshadow the novel developments in the emerging crypto market niche.
DeFi Farming Hopeful Loses 36,000 UNI Tokens
TweetingÂ on Oct. 5, Alex Manuskin, a researcher at crypto keyless wallet maker ZenGo, revealed that an anonymous â€œChadâ€ with the moniker Jhon Doe unknowingly lost UNI tokens worth $140K. This loss came as a result of Doeâ€™s participation in a fraudulent yield farming project.
The anonymous yield chaser seeking to leverage on the yield farming hype decided to put some of his UNI tokens in UniCats, a new DeFi scheme. The project allows investors to farm its MEOW tokens, after which they can withdraw their tokens.
And Thatâ€™s Where Things Went Wrong
However, events took a left turn for the would-be-Chad as malicious codes in the projectâ€™s contract allowed the dev to withdraw the victimâ€™s UNI tokens. This theft was possible because of an earlier approval grant by Doe for the project to spend an unlimited number of UNI tokens.
Commenting on the enormity of the error, Manuskin remarked:
â€œWhat Jhon doesnâ€™t know is that once you approved the contract to use âˆž tokens, the contract can take their tokens at any time. Even after they were withdrawn from the farming scheme.â€
The rogue dev reportedly siphoned 36,000 UNI tokens in two separate heists bringing the rogue actorâ€™s loot to about $140,000. According to Manuskin, the scammer is a regular token thief who often creates phony farming protocols to fool unsuspecting yield chasers. Apart from fishing for new victims, the UniCat con artist is also reportedly using Tornado Cash, a crypto mixer, to obscure fund transfers.
Jhon Doeâ€™s case is one of the many fraudulent actors taking advantage of the DeFi craze. Most DeFi projects turn out to be pump and dump schemes. AsÂ reportedÂ byÂ CryptoPotatoÂ in September, DeFi projects HOTDOG, and PIzza saw their values skyrocket before becoming worthless within minutes.