Scammers Steal $400K via Fake Uniswap Google Ads

A trader known as @ika_xbt connected their wallet to what looked like Uniswap. It wasn’t. One authorized transaction later, at least $400K vanished, instantly and irreversibly drained from their portfolio through a fraudulent site served up by a Google ad.

The scam is painfully straightforward: buy a sponsored search result for “Uniswap,” clone the official interface down to the pixel, and wait for someone to connect their wallet. The victim in this case wasn’t a crypto novice. They were an experienced user who simply clicked the wrong link at the top of their search results.

Here’s the thing about Google ads: they sit above organic search results. For most people, that top link is the one they click without thinking. Scammers know this, which is why they’ve been purchasing sponsored placements for popular DeFi protocols for years.

The cloned sites use deceptive domains, sometimes hosted on seemingly legitimate infrastructure like sites.google.com, which gives them an added veneer of credibility. The user interface differences between the real Uniswap and the fake version are subtle enough to fool even seasoned traders.

Once a user connects their wallet and approves a transaction on the malicious site, the smart contract interaction grants the attacker permission to drain funds. Because blockchain transactions are irreversible by design, there’s no customer service line to call, no chargeback to file.

What makes this particular attack vector so dangerous is that it bypasses the security measures many users think are protecting them. Even hardware wallet holders aren’t immune. The hardware wallet does exactly what it’s supposed to do: it signs the transaction the user approves. The problem is that the user was tricked into approving a malicious transaction in the first place.

Hayden Adams, the founder of Uniswap, took to X to address the issue publicly. His message wasn’t directed at users. It was aimed squarely at search platforms, urging them to take greater responsibility in preventing scam ads from reaching users in the first place.

The frustration is understandable. Community members have flagged these fraudulent ads repeatedly over the years, and yet the problem persists. Scammers get taken down, spin up a new domain, buy another ad, and the cycle continues.

In January 2026, crypto-related scams and exploits exceeded $370 million in total losses. Phishing ads were identified as a primary vector in many of those cases.

The burden of protection currently falls almost entirely on individual users. Security experts recommend bookmarking official URLs for any DeFi protocol you use regularly, never clicking sponsored search results for crypto platforms, and carefully verifying every transaction approval before signing.