-
A trader who lost a six-figure investment portfolio due to a fake Google ad promoting Uniswap.
-
Attackers are using fake sites and Punycode URLs to trick even experienced hardware wallet owners.
-
Hayden Adams, Uniswap’s CEO, said that the company has been fighting fake apps and scam advertisements for years.
Hayden Adams, the founder of Uniswap has warned that crypto phishing schemes tied to online ads remain a serious danger. A trader who lost a six-figure portfolio through a fake Google advertisement impersonating the protocol was the victim of this scam.
Adams wrote in a post to X that the team has been fighting fake Uniswap applications and scam ads for “years,” but fraudulent campaigns continue. He revealed that fake Uniswap apps appeared even during the months of waiting for official App Store approval. Scam ads continued to appear despite repeated reports.
Adams added that “they ban third-party software like uBlock which combats the issue,” Adams arguing that “the digital advertising model needs to go.”
One Click, Entire Portfolio Gone
The latest victim is a DeFi trader named @ika_xbt who lost his entire net worth of a mid-six figure amount after clicking a sponsored Google search that mimicked the Uniswap user interface. The fake website asked him to sign a malicious transaction and connect his wallet. This would allow attackers to drain his funds in seconds.
The assets included two hardware wallets, and represented years of trading in volatile market cycles. After the incident was made public, friends and associates filled the comments section with messages of support.
The attack was traced back to a wallet-draining software known as AngelFerno. It is described as a “scam as a service” operation that targets DeFi users. Similar front-end phishing campaigns have impersonated other cryptocurrency platforms in the past using nearly identical website designs and deceptive names.
Related:Wallet poisoning and phishing scams drain millions in Crypto
Google Ads Under Fire
ZachXBT, an investigator on-chain, called for accountability. He claimed that aggregate losses associated with Google-hosted ads phishing have reached nine figures. He said that executives should be held accountable for their failure to stop the proliferation of malicious sponsored link.
Chainalysis and other security firms have warned that Google search ads are a major attack vector. In July 2025, a DeFi customer lost $1.2M in a similar scam involving a Uniswap ad.
The mechanics of the scam are simple but deadly. Scammers buy Google ad positions for search terms such as “Uniswap”, “DeFi swap” and their malicious site appears above the genuine result. Once a user signs a transaction and connects their wallet, a drain script empty the account.
DeFiLlama developers have spent years developing tools to reduce phishing risk. One contributor encouraged users to avoid Google and instead rely solely on DeFi link directories, or bookmarked official URLs.
Phishing Infrastructure evolves
AngelFerno is active on multiple domains. Some of these have been flagged as phishing by GitHub. Attackers are increasingly using Punycode URLs that replace characters with similar Cyrillic alphabets. Fake domains are almost impossible to distinguish from real ones at first glance.
Even experienced traders who use hardware-based wallets can be victims. The victim claimed that the loss was not just bad luck, but the result of increased exposure to malicious links due to frequent on-chain activities.
Uniswap remains one of the most popular exchanges decentralized, allowing users to swap tokens without a central platform. Its popularity makes it a popular target for scammers, who create fake versions of the site.
Adams warns crypto users to be on guard as phishing techniques become more sophisticated.
Related toSnail mail scam targets Trezor and Ledger users
This site is for entertainment only. Click here to read more
