- Scammers promoted pretend Uniswap websites via Google sponsored advertisements and stole at the very least $400,000.
- Google Search phishing assaults have skyrocketed since March, with attackers usually shopping for or compromising advertisements.
- This means continued DeFi interface dangers as phishing assaults concentrating on common protocols intensify.
Scammers stole at the very least $400,000 via pretend Uniswap Google advertisements. The stolen funds reportedly got here from customers who had been redirected to a phishing website masquerading as Uniswap after clicking on a sponsored Google advert.
On Could 25, 2026, on-chain analyst b-block issued a warning to the group that scammers had been actively draining funds via phishing web sites impersonating Uniswap. The attackers stole over $400,000, together with at the very least 146.6 Ethereum (ETH), in addition to different tokens and cross-chain belongings. The stolen funds had been traced to 2 addresses:
- 0x37925684BA178821b4436E06e67f5dBD6cfA49Bb
- 0x2fC25F46cC49D226eF92E9A7665f3d2821F3c5E2
In the meantime, the Safety Alliance (SEAL) beforehand stated Google search phishing campaigns have spiked since March, with attackers shopping for advertisements or compromising respectable promoting accounts to impersonate widespread cryptographic protocols.
How pretend Uniswap Google advertisements enabled phishing scams
Particularly, the scammers bought sponsored advertisements on Google that seem on the high of search outcomes for “Uniswap.” When customers click on on these advertisements, they’re directed to a pretend web site disguised as a respectable Uniswap interface.
The pretend website tricked customers into connecting to their cryptocurrency wallets and authorizing transactions. Behind the scenes, these approvals triggered a malicious Drainer contract that transferred funds on to the attackers.
What are the implications for belief and safety for DeFi customers?
The incident highlighted rising issues about belief and safety amongst DeFi customers. Customers now see even main DeFi platforms as weak to discovery layer exploits, accelerating mistrust of centralized discovery instruments and main many to choose centralized exchanges (CEX) over self-custodial options.
From a safety perspective, this incident highlights a major evolution in risk vectors, from on-chain exploits to off-chain interface assaults. Pockets drainers leverage social engineering via paid search outcomes to reveal vulnerabilities in entry factors for customers. Even when the underlying protocol is safe, confirming irrevocable transactions nonetheless represents the best threat facet and requires elevated person vigilance and enhanced wallet-level safeguards.
Sooner or later, this might speed up the adoption of area verification instruments, browser extensions with real-time synthetic intelligence (AI) fraud detection, and improve stress for elevated trade scrutiny of promoting platforms. Tasks will prioritize direct onboarding channels and academic campaigns, whereas decentralized discovery mechanisms will acquire traction. Nevertheless, sustained assaults are more likely to proceed till search giants implement cryptocurrency-specific controls, onboarding frictions improve, and belief in establishments is progressively restored.
Associated: Pretend Google advertisements leak merchants’ portfolios. Uniswap founder requires motion
Disclaimer: The knowledge contained on this article is for informational and academic functions solely. This text doesn’t represent monetary recommendation or recommendation of any type. Coin Version isn’t accountable for any losses incurred because of the usage of the content material, merchandise, or companies talked about. We encourage our readers to conduct due diligence earlier than taking any motion associated to our firm.