Overview
- On-chain analysts and reporters on Tuesday flagged fake Google Search ads that routed users to cloned Uniswap pages and have been tied to at least $400,000 in immediate wallet drains.
- Attackers buy or hijack sponsored search placements, serve near-identical Uniswap interfaces on deceptive domains or sites.google.com, and use hidden iframes to load malicious code that automated checks miss.
- The scam requires a user to connect a wallet and approve a transaction, which grants a malicious smart contract permission to move funds; once executed on Ethereum, those transfers cannot be reversed.
- Security group SEAL said it blocked more than 356 malicious ad links and reported roughly $1.27 million stolen between March 13 and March 30, showing the technique has been active and large-scale for months.
- Platform operators have not announced substantive fixes, Uniswap founder Hayden Adams has urged search platforms to act, and experts advise bookmarking official sites, avoiding sponsored crypto search results, and carefully verifying every approval before signing.
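
As a way to act on the advice to verify every approval before signing, the following added example (not from the reporting or from Uniswap) decodes a transaction's calldata and flags approvals that grant unlimited rights or name an unknown spender. It assumes the standard ERC-20 and ERC-721 approval functions, since the reporting does not say which call the drainers request; the trusted-spender list and sample calldata are constructed placeholders.

```python
# Added example: inspect a transaction's calldata for token approvals before signing.
# Selectors are the standard ERC-20 / ERC-721 ones; which call the drainers in this
# campaign request is an assumption, the article does not say.
APPROVAL_SELECTORS = {
    "095ea7b3": "approve",            # approve(address,uint256)
    "39509351": "increaseAllowance",  # increaseAllowance(address,uint256)
    "a22cb465": "setApprovalForAll",  # setApprovalForAll(address,bool)
}
UNLIMITED_THRESHOLD = 2**255  # assumption: amounts this large are effectively unlimited
TRUSTED_SPENDERS = {"0x" + "11" * 20}  # constructed placeholder, not a real contract


def decode_approval(calldata_hex, trusted=TRUSTED_SPENDERS):
    """Describe an approval call; return None when the calldata is not an approval."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    kind = APPROVAL_SELECTORS.get(data[:8])
    if kind is None:
        return None
    args = data[8:]
    try:
        if len(args) != 128:  # exactly two 32-byte ABI words are expected
            raise ValueError("length")
        word0, word1 = int(args[:64], 16), int(args[64:], 16)
    except ValueError:
        return {"kind": "malformed", "warnings": ["arguments are not two ABI words"]}
    warnings = []
    if word0 >> 160:  # an address occupies the low 20 bytes; the rest must be zero
        warnings.append("non-canonical address padding")
    spender = "0x" + args[24:64]
    if kind == "setApprovalForAll":
        unlimited = word1 != 0  # operator may move every token in the collection
    else:
        unlimited = word1 >= UNLIMITED_THRESHOLD
    if spender not in trusted:
        warnings.append("spender is not on the trusted list")
    if unlimited:
        warnings.append("grants unlimited spending rights")
    return {"kind": kind, "spender": spender, "amount": word1,
            "unlimited": unlimited, "warnings": warnings}


# Constructed sample: unlimited approve() to an unknown spender.
SAMPLE = "0x095ea7b3" + "00" * 12 + "22" * 20 + "ff" * 32
if __name__ == "__main__":
    print(decode_approval(SAMPLE))
```

An empty `warnings` list only means the call matches the trusted list and a bounded amount; it says nothing about whether the page that requested the signature is genuine.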