Home
News
Details

Uniswap phishing attack via Google Ads steals over $400,000

icon币界网
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
UNI
$2.49732.93%
AI summary iconSummary

expand icon
Uniswap users lost over $400,000 after falling victim to a DeFi exploit through Google Ads. Attackers redirected traffic to phishing sites that mimic the protocol’s update interface. These fake pages trick users into signing malicious transactions, transferring tokens, or triggering direct withdrawals. The scam does not exploit protocol vulnerabilities but instead targets user behavior and search habits. Keyword-based advertising helped spread the attack over time.
CoinDesk reports:

A phishing campaign targeting Uniswap users is once again turning search portals into high-risk entry points for cryptocurrency theft. Foreign media reports indicate that attackers are using Google ads to direct users to counterfeit pages, tricking them into connecting their wallets and approving malicious permissions, resulting in over $400,000 stolen to date.

Attack by using search ads to drive traffic

These attacks do not rely on vulnerabilities in the protocol itself, but instead exploit users' habit of searching for official website links through search engines. Attackers purchase keyword ads related to Uniswap to place counterfeit websites at the top of search results, then mimic the official interface in their page design to reduce user vigilance.

Once users enter a fake page, they are often prompted to connect their wallet, confirm a transaction, or update authorization. Although these steps appear similar to normal procedures, the signed content actually transfers control of the tokens to the attacker or directly triggers a transfer.

Has resulted in losses exceeding $400,000

The report states that this phishing campaign has enabled attackers to acquire over $400,000. The losses did not result from a single large theft but rather appear to stem from the sustained harvesting of multiple victim addresses, suggesting that the fraudulent ads and counterfeit pages may have been active for some time.

Based on past cases, phishing attacks commonly occur in scenarios such as decentralized exchanges, airdrop claims, and wallet connections. Attackers typically do not directly target on-chain protocols; instead, they prioritize attacking user access points, as these methods are less costly and easier to bypass the detection capabilities of average users.

Frontend access security is once again under the spotlight

This incident again highlights that DeFi users face risks not only from smart contracts but also from search engines, social platforms, and frontend interfaces. Even if a protocol operates correctly, users can still lose their assets during the approval process if they access a malicious link.

For high-usage protocols like Uniswap, greater brand recognition makes them more vulnerable to impersonation. Search ads, spoofed domains, and highly similar page layouts have become recurring tactics used by attackers.

  • Affected parties: Uniswap users who arrived at the counterfeit page via search
  • Attack methods: Google ad traffic redirection, fake official website pages, malicious signatures
  • Known loss: The attacker gained over $400,000
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.