Skip to main content
Sign in

Uniswap Google Ad Phishing Campaign (May 2026)

avoid.net/uniswap-google-ad-phishing-campaign-may-20260/100·87% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·2JEQL8…ugKF

Summary

An active phishing campaign exploiting Google Search sponsored advertisements to impersonate the Uniswap decentralized exchange was publicly exposed on May 25, 2026, by on-chain analyst b_block_oficial. Attackers operating two identified Ethereum wallets have allegedly stolen over $400,000 from multiple victims by deploying wallet-drainer malware services (Inferno Drainer and Vanilla Drainer), which siphon assets after victims approve malicious smart contracts on cloned Uniswap interfaces. The Security Alliance (SEAL) has confirmed blocking 356+ related fraudulent advertisement URLs and describes the broader Google Ads phishing trend as active and ongoing for more than a year.

Connected Entities

1 entities · 2 linked investigations
Protocols
Uniswap Google Ad Phishing Campaign (May 2026)
Relationships
    Also appears in
    Kelsier Ventures·4TrapDoor Supply Chain Attack·0
    Have evidence about Uniswap Google Ad Phishing Campaign (May 2026)?

    Timeline(8 events)

    2025-07-21

    A single DeFi user loses over $1.23 million in Uniswap V3 Position NFTs after signing a malicious transaction on a phishing site promoted via Google Ads.

    Phemex News / Crypto.news

    2026-02-01

    Uniswap founder Hayden Adams publicly acknowledges years of ongoing phishing attempts targeting Uniswap users and criticizes search platforms for inaction on scam ads.

    Crypto Briefing

    2026-03-01

    Google Search fraudulent site impersonating Uniswap reported ranking at top of search results; SEAL documents a sharp increase in malicious Google advertising campaigns targeting crypto.

    BeInCrypto / SEAL Radar

    2026-03-13

    Start of SEAL's tracked window: malicious Google Ads campaign targeting Uniswap, Morpho Finance, PancakeSwap, and others begins intensive phase.

    Security Alliance (SEAL) Radar

    2026-03-30

    End of SEAL's tracked window: 356+ fraudulent URLs blocked; $810,929 in confirmed tracked losses; estimated total $1,274,259 stolen across the campaign during this period.

    Security Alliance (SEAL) Radar

    2026-04-21

    SEAL publishes detailed report on malicious Google Ads targeting crypto, naming Uniswap as the primary target (41% of 352 blocked URLs), identifying Inferno Drainer and Vanilla Drainer as the tools used, and documenting compromised advertiser accounts.

    Security Alliance (SEAL) Radar

    2026-05-25

    On-chain analyst b_block_oficial publicly exposes the active Uniswap Google Ad phishing campaign on X, identifying attacker wallets 0x37925684BA178821b4436E06e67f5dBD6cfA49Bb and 0x2fC25F46cC49D226eF92E9A7665f3d2821F3c5E2 holding approximately 146 ETH (~$306,000).

    CryptoTimes / BeInCrypto

    2026-05-26

    Multiple crypto media outlets report on the campaign; total losses confirmed at over $400,000; SEAL's blocking of 356+ fraudulent ad URLs publicly noted; campaign described as active and ongoing.

    CoinTelegraph / CryptoTimes / BeInCrypto / Crypto Briefing
    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 5/26/2026, 6:35:32 PM

    last updated: 5/26/2026, 6:35:58 PM

    avoid.net — verified advice for a post-truth world