AAVE users at risk as scammers use Google ads to promote fake DeFi website

Crypto scammers have once again resorted to using Google ads to promote phishing sites, this time targeting decentralised finance protocol Aave with a fake website designed to drain users’ wallets.
On Thursday, August 7, blockchain security firm PeckShield raised the alarm about a fake ad impersonating Aave that appeared at the top of Google search results.

According to the firm’s security alert, the malicious ad linked to a phishing domain — aaxe.co.com — which mimicked Aave’s legitimate website in an attempt to deceive users.
PeckShield urged the crypto community not to interact with the ad and to verify the authenticity of DeFi websites before engaging.
As of press time, the Aave team had yet to acknowledge the issue.
Meanwhile, the malicious ad was no longer visible when looking up Aave on Google.
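
The address check PeckShield recommends can be automated before a wallet is ever connected. The following Python code is an added example, not part of the original article or of any Aave or PeckShield tooling; the allowlist of official hosts (aave.com and app.aave.com) and the one-character distance threshold are assumptions.

```python
# Added example: classify a URL's hostname against an allowlist of official hosts.
from urllib.parse import urlsplit

OFFICIAL_HOSTS = {"aave.com", "app.aave.com"}  # assumed allowlist, keep your own
BRAND_LABELS = {"aave"}                        # brand names worth protecting
MAX_DISTANCE = 1                               # assumed threshold for short names


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str) -> str:
    """Return 'official', 'lookalike', 'brand-in-untrusted-host' or 'unrelated'."""
    # Accept bare hostnames as well as full URLs.
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    host = host.rstrip(".")
    labels = host.split(".")
    # Non-ASCII or punycode labels can hide homoglyphs: treat as lookalike.
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        return "lookalike"
    if host in OFFICIAL_HOSTS or any(host.endswith("." + h) for h in OFFICIAL_HOSTS):
        return "official"
    verdict = "unrelated"
    for label in labels:
        for brand in BRAND_LABELS:
            # Exact brand name inside a host that is not on the allowlist.
            if label == brand or brand in label.split("-"):
                return "brand-in-untrusted-host"
            # Near miss such as one swapped letter: a candidate for review.
            if edit_distance(label, brand) <= MAX_DISTANCE:
                verdict = "lookalike"
    return verdict


if __name__ == "__main__":
    # Constructed sample inputs; aaxe.co.com is the domain named in the alert.
    for sample in ("https://aaxe.co.com/", "https://app.aave.com/markets",
                   "aave.com.evil.example", "https://uniswap.org"):
        print(f"{sample:32} {classify(sample)}")
```

A "lookalike" result is a prompt for manual review rather than a verdict, since ordinary words one letter away from a short brand name will also match.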
Are AAVE users at risk?
Yes, such scams, although not new, pose significant risks to any cryptocurrency enthusiast who is not careful enough to verify the web address.
The scam works by redirecting unsuspecting users to the fake Aave site, where attackers can access and drain digital assets from connected wallets. The fraudulent interface closely mirrors that of the real Aave platform, with only subtle differences that can be spotted on thorough examination.
Phishing attacks like this rely on deception rather than brute force. Instead of requiring victims to reveal private keys or passwords, attackers manipulate them into approving transactions that hand over wallet permissions.
Once a user signs such a transaction, the smart contract grants control to the scammer’s address, enabling them to transfer funds out without further authorisation.
This attack vector is especially dangerous in the decentralised finance (DeFi) space, where transactions are irreversible and user protection mechanisms are limited.
For an average Aave user, falling for such a scam could mean the loss of funds supplied as liquidity, collateral, or borrowed tokens, all without any recourse for recovery.
Moreover, malicious approvals can persist indefinitely if not manually revoked, exposing wallets to future risks.
Scammers continue targeting crypto users via Google
For Google, this is not a novel problem. In recent years, there have been several recorded incidents of such ads appearing when a user looks up a legitimate cryptocurrency project on Google search.
For instance, last month, a DeFi user lost over $1.23 million in Uniswap NFTs after interacting with a fake site that appeared as a top Google ad result.
In some cases, scammers have even impersonated tools like revoke.cash — targeting users who were already trying to recover from earlier attacks, effectively turning past victims into victims again.
Why hasn’t Google addressed crypto scams?
Google hasn’t been sitting on the sidelines and has taken several steps to curb abuse of its ad platform in the form of lawsuits and bans.
In early 2024, the tech giant sued two Chinese nationals, Yunfeng Sun and Hongnam Cheung, for promoting fake crypto investments through apps on the Google Play Store.
Google claimed it had disabled 90 fraudulent apps linked to the pair, which had accumulated nearly 100,000 downloads.
The year before, Google reported blocking 5.5 billion ads and suspending 12.7 million advertiser accounts for violations related to scams and misrepresentation.
The company also introduced a “Limited Ads Serving” policy to restrict reach for advertisers lacking an established track record.
However, despite these efforts, scammers continue to find ways around Google’s filters.
As such, experts urge users to exercise caution when interacting with links in search results, especially sponsored links related to crypto platforms or wallet services.
The post AAVE users at risk as scammers use Google ads to promote fake DeFi website appeared first on Invezz