Catenaa, Tuesday, June 02, 2026-Crypto scammers posing as Uniswap through fraudulent Google advertisements have stolen at least $400,000 from unsuspecting users, according to blockchain investigators and cybersecurity researchers tracking a growing phishing campaign targeting decentralized finance users.
Researchers said attackers placed fake sponsored links above legitimate Uniswap search results, directing victims to counterfeit websites engineered to drain cryptocurrency wallets.
Security analysts warned the operation has been active for more than a year and continues expanding across major online advertising platforms.
The phishing campaign exploits Google’s advertising system by either purchasing ad placements directly or hijacking legitimate advertiser accounts to publish malicious sponsored results.
Investigators said the fake advertisements closely resemble official Uniswap links, making them difficult for users to identify.
Victims clicking the sponsored listings are redirected to highly convincing replicas of the Uniswap trading platform while malicious backend systems silently capture wallet approvals and drain funds.
Blockchain analyst “b-block” traced stolen assets to multiple wallet addresses allegedly connected to the operation. At least 146 ether worth more than $300,000 remained inside identified wallets during the latest investigation phase.
Cybersecurity nonprofit Security Alliance, known as SEAL, said more than 356 malicious crypto-related advertising links were blocked in recent monitoring efforts.
The organization estimated attackers stole at least $1.27 million between March 13 and March 30 alone through similar phishing campaigns.
The incident highlights growing cybersecurity risks facing retail cryptocurrency users as scammers increasingly exploit mainstream digital advertising infrastructure rather than relying solely on direct hacking methods.
Analysts warned that decentralized finance platforms remain especially vulnerable because wallet approvals can instantly transfer assets without centralized fraud protection or transaction reversals.
Researchers also said the threat is spreading beyond cryptocurrency.
Recent campaigns reportedly targeted artificial intelligence users, Microsoft software downloads and online productivity tools using similar malicious advertising techniques.
Several experts criticized major technology companies for failing to stop recurring malicious ad operations despite years of reported abuse.
Cybersecurity specialists said phishing attacks increasingly combine sophisticated social engineering with automated infrastructure capable of bypassing advertising review systems.
Researchers noted that fake sponsored links often appear more trustworthy than ordinary search results because users assume paid advertising receives stronger verification.
Industry observers urged crypto users to bookmark official websites directly instead of relying on search engine advertisements.
Crypto phishing attacks surged globally as digital asset adoption expanded among mainstream retail users.
Decentralized finance platforms meanwhile remain attractive targets because large volumes of user-controlled assets are directly accessible through browser-connected wallets.
The broader crypto sector also faces increasing concern over malware campaigns targeting developers, exchanges and blockchain infrastructure providers.
Cybersecurity firms continue warning that phishing and wallet-draining scams remain among the fastest-growing threats in digital finance.
