Fake Uniswap Website Drains Crypto Wallets, Scammers Net $400K

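A fake Uniswap website is draining funds from multiple crypto wallets. A well-known on-chain analyst who goes by the pseudonym "b-block" warned that the scammers currently control at least $400,000 worth of stolen assets.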

Users are urged to rely only on official links and to verify protocols through DefiLlama.

Uniswap Tops List of Most-Targeted Platforms

The latest update comes a month after security group SEAL reported a major rise in malicious Google Ads targeting crypto users. It found that attackers were impersonating popular DeFi platforms, wallets, and trading applications to steal funds.

SEAL said it recently blocked over 356 malicious Google ad URLs tied to crypto scams, which targeted users of platforms such as Uniswap, Morpho Finance, PancakeSwap, Hyperliquid, CoW Swap, and 1inch.

According to the report, attackers used hacked or fraudulently obtained Google advertiser accounts and relied on cloaking, fingerprinting, and nested iframe delivery systems to bypass Google’s automated review checks. Many of the fake ads used trusted Google services such as sites.google.com and docs.google.com to appear legitimate in search results.
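A defender-side triage of ad landing URLs against the pattern described above, as an added example that is not from SEAL's report or the original article. The brand names and Google-hosted services come from the article; the `OFFICIAL_HOSTS` allowlist, the verdict labels and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Brand names and Google-hosted services named in the article.
BRANDS = ("uniswap", "morpho", "pancakeswap", "hyperliquid", "cowswap", "1inch")
SHARED_HOSTS = {"sites.google.com", "docs.google.com"}
# Assumed allowlist; populate it from each project's own published links.
OFFICIAL_HOSTS = {"app.uniswap.org", "uniswap.org"}

def _squash(text):
    """Lowercase and drop separators so 'uni-swap' still matches 'uniswap'."""
    return "".join(ch for ch in text.lower() if ch.isalnum())

def classify(url):
    """Return (verdict, brand) for one ad landing URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https" or not host:
        return ("reject", None)
    # Exact match only, so 'uniswap.org.example.net' does not pass as official.
    if host in OFFICIAL_HOSTS:
        return ("official", None)
    # A trusted Google hostname says nothing about who wrote the page on it.
    if host in SHARED_HOSTS:
        brand = next((b for b in BRANDS if b in _squash(parts.path)), None)
        return ("brand-on-shared-host", brand) if brand else ("shared-host", None)
    # Punycode labels can hide look-alike characters; send them to manual review.
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("punycode-host", None)
    brand = next((b for b in BRANDS if b in _squash(host)), None)
    return ("lookalike-host", brand) if brand else ("unknown", None)

# Constructed sample URLs (reserved example domains, not real indicators).
SAMPLE_URLS = [
    "https://app.uniswap.org/swap",
    "https://sites.google.com/view/uni-swap-app/home",
    "https://uniswap.org.example.net/",
    "https://app-uniswap.example/",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(classify(u), u)
```

A URL check like this only sees the address; the cloaking and nested iframe delivery the report describes can serve different content to a reviewer than to a victim, so it complements rather than replaces navigating from a verified bookmark.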

SEAL identified crypto drainer families, including Inferno Drainer and Vanilla Drainer, as the most commonly used malware in the campaigns. The report said these tools trick users into signing malicious wallet transactions or entering recovery seed phrases on cloned websites, allowing attackers to take control of wallet assets.

SEAL also added that the advanced infrastructure used in the attacks, including Cloudflare Workers, Arweave-hosted payloads, traffic redirection systems, and proxy layers, can intercept Ethereum RPC requests and monitor user activity in real time.

Uniswap was the most impersonated platform, accounting for 41% of tracked malicious sites. Between March 13 and March 30, confirmed and unattributed losses linked to the campaigns exceeded $1.27 million, although the security group said the actual figure was likely significantly higher.

## Rampant Phishing Attacks

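While the recent Uniswap-related scams mainly involved fake websites and malicious Google Ads, another phishing attack earlier this year targeted Ledger users through fake emails. That attack stemmed from a data breach at Global-e, Ledger's third-party e-commerce partner, which exposed customer contact and order information.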

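In the emails, the scammers claimed that Ledger and Trezor had merged and urged users to migrate their wallets through fake websites that asked for the 24-word recovery phrase. The phishing pages closely resembled the companies' official branding and messaging style.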

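More recently, Ripple CTO David Schwartz warned of a phishing campaign sending forged security alerts that appeared to come from Robinhood's official email system. The emails exploited Robinhood's account creation process to bypass verification checks, making the messages look legitimate.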

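The phishing notice claimed there had been a new login from an "iPhone 17 Pro" and prompted users to review the suspicious activity via a "Review Activity Now" button, which then led them to credential theft. Robinhood later confirmed the issue but said no systems were compromised and no funds were affected.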

The post "Fake Uniswap Website Drains Crypto Wallets, Scammers Net $400K" first appeared on CryptoPotato.
