Close Menu
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
What's Hot

How Malicious Liquidity Pools Are Trick-Quoting Ethereum and Polygon Users

July 17, 2026

Users were warned before Polychain-backed Cascade suffers $1.3M exploit

July 17, 2026

Live markets: Bitcoin slips to $63,000 as the chip rout goes global

July 17, 2026
Facebook X (Twitter) Instagram
Recession Profit AlertsRecession Profit Alerts
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
Recession Profit AlertsRecession Profit Alerts
Home»Security»How Malicious Liquidity Pools Are Trick-Quoting Ethereum and Polygon Users
Grant Cardone Stacks Another 10.5 Bitcoin From July Rent Cash Flow, Keeping Holdings Above 2,700 BTC
Security

How Malicious Liquidity Pools Are Trick-Quoting Ethereum and Polygon Users

July 17, 2026No Comments4 Mins Read

Key Takeaways

  • Enso’s July 16 report exposed “toxic pools” that fake quotes, causing tens of thousands of dollars in losses on a Curve pool.
  • The exploit threatens DeFi front-ends, with one malicious Uniswap v4 hook causing a 99.1% failure rate.
  • Enso updated its Enso Shield product to detect fake quotes across 2 different blockchain environments.

A ‘Jekyll and Hyde’ Tactic

A newly uncovered class of malicious decentralized finance ( DeFi) liquidity pools is targeting the core infrastructure that cryptocurrency traders rely on to find the best prices, according to new research published July 16 by DeFi infrastructure firm Enso.

The company is calling the deceptive setups “toxic pools.” Unlike typical cryptocurrency hacks that drain funds directly from smart contracts, these pools are engineered to systematically trick transaction simulations. They return attractive, highly competitive price quotes when a crypto wallet or decentralized exchange ( DEX) aggregator runs a simulation, but they alter their behavior the moment the transaction is actually executed on the blockchain.

The result is a subtle, systemic drain: traders receive significantly worse execution prices than they were quoted, or their transactions fail, burning network fees in the process.

“Our investigation leads us to believe this is not simply another isolated smart contract exploit,” said Milos Costantini, co-founder and chief product officer at Enso. “The industry has spent years optimizing price discovery. Our findings suggest the next challenge is verifying execution integrity.”

According to Enso’s report, toxic pools exploit the off-chain “dry-run” simulations that wallets use to preview trades. The malicious contracts detect when they are running in a read-only simulation environment and return an artificially optimized price. Once the transaction is actually broadcast on-chain, the pool alters its mathematical logic to execute the trade at a degraded rate.

See also  Users point to BlueMove insider backdoor as liquidity pools on Sui get drained

To remain hidden from security systems, these pools alternate between honest and malicious states, rendering static code scanners and historical reputation filters ineffective. This bait-and-switch design degrades the user experience and drains user funds through failed transactions. In one case study, a manipulated Curve pool triggered more than 37,000 reverted trades, forcing users to burn nearly $30,000 in gas fees.

Attackers are also exploiting next-generation, modular exchange architectures. On Polygon, a malicious “hook” — a smart contract plugin used in platforms like Uniswap v4 — lured routing systems with fake rates before triggering a 99.1% transaction failure rate.

Findings From On-Chain Forensic Analysis

The research, which spanned roughly two months of on-chain forensic analysis, combined historical archive- node data, transaction trace analysis and smart contract inspections. Enso engineers, with support from contacts at major DeFi protocols Curve Finance and Oku, identified active toxic pools operating across both the Ethereum and Polygon blockchains.

In one documented case study on Ethereum, a manipulated Curve pool processed more than 129,000 swaps. While the pool appeared to be the optimal route, it delivered worse execution than quoted, leading to approximately $225,000 in overstated quotes.

Furthermore, Enso’s team identified multiple blockchain oracle contracts deployed by the same operator to support additional pools, indicating the tactic is likely more widespread than the two documented cases and could represent an emerging template for on-chain extraction.

The findings present a direct challenge to the user-facing layer of the DeFi ecosystem. Popular wallets, consumer-facing interfaces and aggregators depend heavily on automated simulations to guarantee the “best path” for a user’s trade.

See also  EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts

Enso’s report highlights that if routing infrastructure cannot distinguish between a legitimate quote and a manipulated one, front-ends will continue to steer users toward these traps. This creates potential legal and financial liability risks for wallet providers and interface operators who promise “best execution” but routinely deliver toxic routes.

In response to the threat, Enso announced it has updated its execution-protection product, Enso Shield, to include dedicated toxic-pool detection. The security tool is designed to bypass standard simulation methods by analyzing live on-chain context, monitoring quote history and using transaction traces to spot execution discrepancies.

Rather than blaming individual decentralized exchanges, Enso has called on the wider cryptocurrency industry to conduct further research into the manipulation of transaction simulations.

“If transaction simulations can be manipulated while real execution tells a different story,” Costantini said, “we need better ways to verify what users actually receive.”

Source link

Ethereum liquidity Malicious Polygon Pools TrickQuoting users

Related Posts

Users were warned before Polychain-backed Cascade suffers $1.3M exploit

July 17, 2026

Ledger wants AI agents to manage crypto without holding your keys

July 17, 2026

ZachXBT Calls Hardware Wallets ‘Garbage,’ Singles Out Ledger as Worst

July 17, 2026

U.S. adds four Iran central bank crypto wallets to sanctions, Tether freezes $131 million of contents

July 17, 2026
Top Posts

SBF’s College Roommate Testifies Against Him

October 7, 2023

Trump ‘May Keep Going’ With Strikes As Iran Took ‘Too Long’ To Negotiate Deal, Must ‘Pay The Price’

June 10, 2026

American Journalist Shelly Kittleson Kidnapped In Baghdad

March 31, 2026

Type above and press Enter to search. Press Esc to cancel.