Snapshot from Jun 25, 2026 at 22:38 UTC. For live data and tracking: View Live
Events / Accidents / Fake Uniswap Google Ads Steal $400K
Accidents phishing scam

Fake Uniswap Google Ads Steal $400K

Analysis based on 13 articles · First reported May 26, 2026 · Last updated May 26, 2026

Sentiment
-80
Attention
6
Articles
13
Market Impact
Direct
Live prominence charts, article sentiment distribution, and event development timeline available on the NewsDesk Dashboard
Market Impact

The ongoing phishing scam using fake Alphabet Inc. Ads to impersonate Uniswap has led to at least $400,000 in stolen cryptocurrency, primarily Ethereum. This erodes user trust in decentralized finance platforms like Uniswap and highlights significant security vulnerabilities within Alphabet Inc.'s advertising ecosystem, potentially impacting Alphabet Inc.'s reputation and the broader crypto market's perceived safety.

cryptocurrency decentralized finance internet services
Event Summary

A coordinated phishing campaign is actively exploiting Alphabet Inc.'s advertising platform to steal cryptocurrency from users searching for Uniswap. Scammers purchase sponsored Alphabet Inc. Ads that appear above legitimate Uniswap links, directing unsuspecting users to cloned websites that perfectly mimic Uniswap's interface. Once on these fake sites, victims are tricked into connecting their wallets and approving malicious transactions, which grants attackers permission to drain their assets. On-chain analyst BlockFi and Web3 marketer Stacy Muur have tracked the campaign, with at least $400,000 in Ethereum and other cryptocurrencies stolen. Cloud Security Alliance (SEAL) reported a significant increase in such phishing activity, blocking over 356 malicious links and noting the campaign has been active for over a year. Critics, including Stacy Muur, have condemned Alphabet Inc. for its failure to address these recurring issues effectively, despite years of complaints from the crypto community. The scam highlights a critical risk for users of self-custodial protocols, as the responsibility for verifying URLs and transaction details falls squarely on them. While Uniswap itself has not been hacked, the repeated high-profile attacks could erode user trust in the DEX sector.

Key Actions
90 BlockFi warned via X
90 Alphabet Inc. ignored problem for years
80 Stacy Muur confirmed mechanism used
70 Cloud Security Alliance reported spike in activity
60 Uniswap not hacked
50 Uniswap warned about attackers
Entities Involved
crypto
Uniswap
Uniswap is the primary target of the phishing campaign, with scammers impersonating its interface to trick users. This event erodes user trust in Uniswap and the broader DeFi sector.
Importance 100 Sentiment -70
stock
Alphabet Inc.
Alphabet Inc.'s ad platform is being exploited by scammers to promote fake Uniswap sites. Alphabet Inc. is criticized for its failure to effectively address the recurring issue of malicious ads, which impacts its reputation and the safety of its search results.
Importance 90 Sentiment -50
priv
BlockFi
BlockFi is an on-chain analyst who identified the scam, tracked the stolen funds to specific wallet addresses, and warned the public about the fake Uniswap Alphabet Inc. Ads.
Importance 80 Sentiment 70
ngo
Cloud Security Alliance
Cloud Security Alliance (SEAL) is a non-profit group that reported a significant spike in phishing activity through Alphabet Inc. Search and blocked over 356 malicious links. SEAL provides critical data and warnings about the ongoing scam.
Importance 70 Sentiment 60
per
Stacy Muur
Stacy Muur, founder of Web3 Green Dots, confirmed the mechanism used by scammers and publicly criticized Alphabet Inc. for its inaction, sharing screenshots of the fraudulent ads.
Importance 70 Sentiment 60
crypto
Ethereum
Ethereum is the cryptocurrency primarily targeted in this scam, with 146 ETH (approximately $306,000) traced to the attackers' wallets. The scam involves draining ETH and other assets from users' wallets.
Importance 60 Sentiment -40
oth
Scam Sniffer
Scam Sniffer previously reported a user losing over $1.23 million in Uniswap NFTs through a fake site, providing historical context to the ongoing phishing problem.
Importance 40 Sentiment 50
priv
Malwarebytes
Malwarebytes reported similar scam activities on Meta Platforms, indicating the broader scope of such phishing campaigns beyond Alphabet Inc..
Importance 30 Sentiment 50
priv
PeckShield
PeckShield Alert warned about fake Aave Labs advertisements, indicating that the phishing problem extends to multiple DeFi brands.
Importance 30 Sentiment 50
per
Uniswap
Uniswap, Uniswap founder, previously warned about attackers aggressively bidding on Alphabet Inc. ads to push phishing sites, highlighting prior awareness of the issue.
Importance 30 Sentiment 50
stock
Meta Platforms
Meta Platforms was mentioned as another platform where scammers run paid ads to deploy malware, highlighting a wider problem of ad platform exploitation.
Importance 20 Sentiment -20
priv
Aave Labs
Aave Labs was mentioned as another DeFi protocol targeted by similar phishing campaigns using Alphabet Inc. search ads, showing the breadth of the attack vector.
Importance 20 Sentiment -30
priv
Chainalysis
Chainalysis reported a significant increase in stolen funds from scams in 2025, providing broader market context for the rise in phishing attacks.
Importance 20 Sentiment 50
stock
Microsoft
Microsoft was impersonated in a separate scam on Meta Platforms, showing that brand impersonation is a widespread tactic used by attackers.
Importance 10 Sentiment -10
NEWSDESK
Track this event live

Set up alerts, explore entity relationships, search across thousands of events, and build custom intelligence feeds.

Open Dashboard

About NewsDesk

NewsDesk is a news intelligence platform that converts raw news articles into structured data. It tracks events, entities, and the relationships between them, with sentiment and attention metrics derived from thousands of articles. Pages on this site are daily static snapshots from the platform's live database. For real-time tracking, search, and alerts, the full dashboard is at app.newsdesk.dev.