Google Ads-Promoted Fake Uniswap Scam Steals $400K+

ChainGPT
A crypto scam alert has been issued after a phishing campaign using fake Uniswap sites promoted via Google Ads stole over $400,000. On-chain news reveals that two attacker addresses hold 146 ETH, valued at $306,000. The scam uses spoofed DEX links and near-perfect clones to trick users into approving unlimited transfers. Attackers employ Punycode domains and hidden iframes to avoid detection. Similar Google Ads scams caused over $1.27 million in losses in March, per the Security Alliance (SEAL).

A fresh phishing campaign using fake Uniswap sites advertised through Google Search has siphoned off at least $400,000 from unsuspecting crypto users, highlighting a persistent weak spot in search-ad policing.

What happened

- On-chain analyst “b-block” flagged a malicious website impersonating Uniswap that drained multiple wallets. Two attacker-controlled addresses tied to the operation together held 146 ETH — roughly $306,000 at the time of reporting, according to Etherscan snapshots shared by the analyst.
- Web3 marketer Stacy Muur (founder of Green Dots) posted screenshots showing a sponsored Google search result that led to the phishing site and blasted Google for failing to stop similar scams that repeatedly push fake links above the real ones.

How the scam works

- Attackers buy or hijack Google Ads to place spoofed DEX links at the top of search results, making them highly visible to users searching for Uniswap or other protocols.
- The phishing pages are near-perfect clones of legitimate platforms. When victims connect wallets and approve what looks like a routine transaction, they often inadvertently grant smart contracts unlimited transfer permissions. That approval lets scammers pull funds directly from the victim’s wallet without needing private keys.
- Tactics include Punycode domains, hidden iframes and secondary payloads designed to evade automated ad-detection systems — meaning malicious pages can display legitimate-looking URLs to Google while routing traffic through attacker-controlled infrastructure.

Context — this is not new

- Google-Ads-driven phishing has been implicated in multiple large losses this year. In July, Scam Sniffer reported a DeFi user lost over $1.23 million in Uniswap NFTs after interacting with a fake site promoted via Google Ads.
- The Security Alliance (SEAL) said phishing via Google Search ads surged in March and that attackers either outbid legitimate advertisers or compromise advertiser accounts to publish fake links. SEAL reported blocking more than 356 malicious ad links over the past year and estimated phishing tied to Google ads stole about $1.27 million between March 13–30 alone.
- Blockchain security firms such as DeFiLlama and PeckShield Alert have repeatedly warned about similar campaigns, including recent fake Aave ads placed at the top of Google results.

Why it succeeds

- Sponsored search results look trusted, and cloned UI + convincing URLs make it easy for users to be fooled.
- Once an approval is granted from a connected wallet, smart contracts can execute transfers without further interaction, so a single mistaken click can be catastrophic.

Takeaways for users and platforms

- Users: bookmark official DEX addresses, double-check URLs (watch for Punycode), carefully review wallet approvals, and use tools to audit or revoke excessive allowances.
- Platforms and ad providers: security teams and ad platforms need more robust detection, faster takedowns, and better controls to prevent malicious actors from buying top ad slots or compromising advertiser accounts.

This latest case underscores how sponsored search remains a favored vector for large-scale crypto phishing — and how much work is still needed from ad platforms and the broader ecosystem to stop it.
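The two user-side checks from the takeaways (watch for Punycode, review wallet approvals) can be automated. The sketch below is an added example, not code from the article or from any project it names; the bookmarked host list, the lookalike hostname and the spender address are assumptions constructed for illustration.

```python
# Added example: all inputs below are constructed, not data from the campaign.
MAX_UINT256 = 2**256 - 1
APPROVE = "095ea7b3"               # ERC-20 approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # ERC-721/1155 setApprovalForAll(address,bool)
# Assumption: hostnames the user has verified and bookmarked themselves.
BOOKMARKED_HOSTS = {"app.uniswap.org"}


def check_host(host):
    """Warnings for a hostname taken from a search result or sponsored link."""
    host = host.strip().rstrip(".").lower()
    try:
        ascii_host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return ["hostname is not valid IDNA"]
    warnings = []
    if any(label.startswith("xn--") for label in ascii_host.split(".")):
        warnings.append("punycode label present: " + ascii_host)
    if ascii_host not in BOOKMARKED_HOSTS:
        warnings.append("host is not a bookmarked address")
    return warnings


def check_calldata(data):
    """Warnings for the calldata a wallet asks the user to sign."""
    raw = data.strip().lower()
    raw = raw[2:] if raw.startswith("0x") else raw
    selector, args = raw[:8], raw[8:]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL) or len(args) < 128:
        return []
    try:
        spender = "0x" + args[24:64]   # address is the low 20 bytes of word 1
        value = int(args[64:128], 16)  # word 2: allowance amount or bool flag
    except ValueError:
        return ["approval calldata is not valid hex"]
    if selector == APPROVE and value == MAX_UINT256:
        return ["unlimited ERC-20 allowance for " + spender]
    if selector == SET_APPROVAL_FOR_ALL and value == 1:
        return ["operator approval over every token in the collection for " + spender]
    return []


if __name__ == "__main__":
    spender = "ab" * 20  # constructed spender address
    unlimited = "0x" + APPROVE + spender.rjust(64, "0") + "f" * 64
    print(check_host("app.unisw\u0430p.example"))  # Cyrillic homoglyph of "a"
    print(check_calldata(unlimited))
```

A bounded allowance returns no warning here; the check only flags the all-ones amount and collection-wide operator grants, which are the approvals that let a spender move funds without further interaction.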
