Google procura anúncios falsos que roubam 400 mil dólares! Uniswap falsificado, roubados 1,27 milhões de dólares em duas semanas de março

On-chain analysts discover that fake Uniswap ads are ranking in Google search results, stealing at least 400,000 USD (about 146 ETH). Security organization SEAL states that phishing activities on Google searches increased significantly in March, with 1.27 million USD stolen in just two weeks.
(Background summary: Uniswap announced the launch of V4 this year. What core changes will the upgrade bring?)
(Additional background: $2.1 billion stolen in six months! Security report: Hackers are shifting focus from smart contracts to regular users, with four tips to protect crypto assets.)

On-chain analyst b-block pointed out in a X post on Monday that fake websites impersonating the decentralized crypto exchange Uniswap are stealing funds from multiple wallets, with confirmed stolen amounts of at least 400,000 USD.

Web3 marketing agency Green Dots co-founder Stacy Muur confirmed on X that these funds were stolen through phishing ads on Google search, sharing screenshots of paid ads in search engines. She emphasized: "Google has ignored this problem for years, fake links keep outranking genuine ones, and users’ funds are being stolen like this."

According to Etherscan data, two flagged addresses hold a total of 146 ETH, worth about 306,000 USD.

Phishing on Google search surged in March, stealing 1.27 million USD in two weeks

Cryptocurrency data platform DeFiLlama states, "Fake ads on Google are a common source of phishing attacks." The non-profit crypto organization Security Alliance (SEAL) released a report in April indicating that phishing activities on Google search saw a "significant increase" in March.

SEAL explains that attackers operate these fake ads by paying for them or hacking legitimate ad accounts, disguising them as popular protocols, and outbidding genuine protocols in the "sponsored results" section of Google search. These phishing ads use seemingly normal URLs to evade Google's automatic checks, while hidden iframes load malicious code that Google’s detection systems cannot see.

Victims clicking on these ads are directed to realistic copy pages of crypto applications, with all web traffic secretly rerouted to servers controlled by attackers. SEAL reports that from March 13 to 30, a total of 1.27 million USD was stolen. As of the report’s release, SEAL had blocked over 356 malicious ad links.

SEAL warns: "There are no signs of this attack slowing down; we continue to receive reports from affected users."

Not only cryptocurrencies: fake ads have spread to other fields

Besides crypto protocols, Google ads are also used to promote malware. A report in early May showed that attackers used Google ads and AI chatbot Claude’s shared conversations to launch "malicious advertising" campaigns targeting Mac users.

Facebook is also heavily affected by fake ads. Security software company Malwarebytes reported in February that scammers placed paid ads on Facebook that appeared to be official Microsoft promotions, directing users to near-perfect copies of Windows 11 download pages, which deployed malware designed to steal cryptocurrencies and account credentials.

This serves as a clear warning to crypto users: before clicking any search result, verify that the ad link points to the correct website — the first line of defense against fund loss.