7
An experienced crypto trader known as @ika_xbt lost their entire portfolio, valued at over $400K, after clicking a sponsored Google ad that looked exactly like the real Uniswap website. It wasn’t.
The phishing campaign, which surfaced on May 26, used cloned versions of Uniswap’s interface promoted through Google Search ads. Two wallets linked to the attackers have been identified holding a combined 146 ETH, roughly $306K at the time of discovery, with total stolen funds exceeding $400K.
How the scam works
Attackers buy sponsored ads on Google targeting the keyword “Uniswap.” When users search for the decentralized exchange, the fraudulent result appears above the legitimate organic listing. The fake site looks identical to the real thing.
Once a user connects their wallet and approves a transaction, the game is over. The malicious contract drains whatever it can access. Because blockchain transactions are irreversible, there’s no customer service line to call, no chargeback to file, no undo button.
In @ika_xbt’s case, a single approval wiped out everything. The attack doesn’t exploit any vulnerability in Uniswap’s smart contracts or infrastructure. The protocol itself was never compromised. The scam exploits human trust in Google’s search results.
A pattern that keeps repeating
The Security Alliance, known as SEAL, has noted a significant increase in Google Search phishing campaigns targeting crypto protocols since March 2026. The playbook is the same each time: buy ads, clone a trusted DeFi interface, wait for someone to connect their wallet.
Phishing attacks through Google sponsored ads caused six-figure losses as recently as February 2026. In July 2025, a similar scheme resulted in $1.2 million stolen.
Uniswap founder Hayden Adams has been vocal about the problem, condemning search platforms for their failure to act decisively against scam ads. His frustration echoes concerns raised after earlier incidents.
What this means for investors
Bookmarking the correct URLs for any DeFi protocol you use regularly is the single most effective defense against this type of attack. It costs nothing and takes seconds.
Hardware wallet users have a partial advantage here. Many hardware wallets require explicit on-device confirmation of transaction details, which can provide a final checkpoint before a malicious approval goes through. But even this isn’t foolproof if the user doesn’t carefully review what they’re signing.
The irreversible nature of blockchain transactions becomes its most dangerous liability in moments like these. Traditional finance has fraud protections, chargebacks, and insurance mechanisms precisely because humans make mistakes. DeFi offers none of that by design.
cryptoslate.com
coindesk.com
cointelegraph.com