Scammers Steal Over $400,000 Via Fake Uniswap Google Ads

Tech

Scammers Steal Over $400,000 Via Fake Uniswap Google Ads

• Scammers have stolen at least $400,000 by promoting fake Uniswap sites through Google sponsored ads.
• Google Search phishing attacks have surged since March, with attackers often buying or compromising ads.
• This signals ongoing DeFi interfaces risks as phishing attacks targeting popular protocols intensify.

Scammers have stolen at least $400,000 through fake Uniswap Google Ads. The stolen funds reportedly came from users who were redirected to phishing sites impersonating Uniswap after clicking sponsored Google ads.

On May 25, 2026, on-chain analyst b-block issued a community warning that scammers were actively draining funds through a phishing website impersonating Uniswap. The attackers had stolen over $400,000, including at least 146.6 Ethereum (ETH), as well as other tokens and cross-chain assets. The stolen funds were traced to two addresses, including:

• 0x37925684BA178821b4436E06e67f5dBD6cfA49Bb
• 0x2fC25F46cC49D226eF92E9A7665f3d2821F3c5E2

Meanwhile, the Security Alliance (SEAL) previously said Google Search phishing campaigns have risen sharply since March, with attackers often buying ads or compromising legitimate ad accounts to impersonate popular crypto protocols.

How Fake Uniswap Google Ads Enabled the Phishing Scam

Notably, the scammers purchased sponsored ad placements on Google that appeared at the top of search results for “Uniswap.” When users clicked these ads, they were directed to counterfeit websites that closely impersonated the legitimate Uniswap interface.

The fake sites tricked users into connecting their crypto wallets and approving transactions. Behind the scenes, these approvals triggered malicious drainer contracts that transferred funds directly to the attackers.

Whats the Impact on DeFi User Trust and Security？

This incident highlights growing concerns around DeFi user trust and security. Users now view even major DeFi platforms as vulnerable to discovery-layer exploits, accelerating distrust in centralized discovery tools and prompting many to favor Centralized Exchanges (CEXs) over self-custodial solutions.

From a security perspective, the incident underscores a critical evolution in threat vectors, from on-chain exploits to off-chain interface attacks. Wallet drainers that leverage social engineering through paid search results expose the fragility of user-facing entry points. Even with secure underlying protocols, irreversible transaction approvals continue to represent the highest risk surface, demanding heightened user vigilance and improved wallet-level safeguards.

Looking ahead, this could accelerate adoption of domain authentication tools, browser extensions with real-time artificial intelligence (AI) scam detection, and greater industry pressure on ad platforms for rigorous vetting. Projects will prioritize direct onboarding channels and education campaigns, while decentralized discovery mechanisms gain traction. However, sustained attacks may persist until search giants implement crypto-specific controls, keeping onboarding friction elevated and institutional trust recovery gradual.