{"id":25913,"date":"2025-08-07T15:42:30","date_gmt":"2025-08-07T12:42:30","guid":{"rendered":"https:\/\/forklog.com\/en\/scammers-target-aave-users-through-google-ads\/"},"modified":"2025-08-07T15:42:30","modified_gmt":"2025-08-07T12:42:30","slug":"scammers-target-aave-users-through-google-ads","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/scammers-target-aave-users-through-google-ads\/","title":{"rendered":"Scammers Target Aave Users Through Google Ads"},"content":{"rendered":"<p>Cybercriminals have launched a phishing campaign targeting Aave users via Google Ads, according to cybersecurity experts at PeckShield.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> Fake &#8220;Aave&#8221; ads are topping Google search results. <\/p>\n<p>The phishing site is aaxe[.]co[.]com. <\/p>\n<p>The ads are designed to drain your wallet through malicious transaction signatures. <a href=\"https:\/\/t.co\/LdVHMflFAT\">pic.twitter.com\/LdVHMflFAT<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1953306121172652386?ref_src=twsrc%5Etfw\">August 7, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The perpetrators placed paid advertisements on Google Ads, mimicking the official Aave platform. Clicking the links redirected victims to fake websites where they were asked to connect their crypto wallets. This allowed the scammers to gain access to the funds.<\/p>\n<p>Such transactions are irreversible. The exact amount of damage is still unknown. Users are advised to carefully verify website URLs. If a wallet is compromised, funds should be immediately transferred to a secure address, contact the provider through official channels, and revoke permissions using services like Revoke.cash.<\/p>\n<p>Prior to reports of the phishing attack, Aave became the first DeFi protocol with a net deposit across 14 networks exceeding $60 billion.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">$60B net deposits.<\/p>\n<p>DeFi will win. <a href=\"https:\/\/t.co\/BsrEHbnji8\">pic.twitter.com\/BsrEHbnji8<\/a><\/p>\n<p>\u2014 Aave (@aave) <a href=\"https:\/\/twitter.com\/aave\/status\/1953158312075378977?ref_src=twsrc%5Etfw\">August 6, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to <a href=\"https:\/\/tokenterminal.com\/explorer\/projects\/aave\/metrics\/net-deposits\">Token Terminal<\/a>, this figure has more than tripled over the year. In August 2024, it stood at $18 billion.\u00a0<\/p>\n<h2 class=\"wp-block-heading\">Fraudulent Campaign on YouTube\u00a0<\/h2>\n<p>Meanwhile, experts at SentinelLABS <a href=\"https:\/\/www.sentinelone.com\/labs\/smart-contract-scams-ethereum-drainers-pose-as-trading-bots-to-steal-crypto\/?utm_medium=paid-search&#038;utm_source=google&#038;utm_campaign=amer-us-brand&#038;utm_term=sentinelone\">reported<\/a> another attack on crypto investors. Since 2024, criminals have been taking over old YouTube channels that previously published cryptocurrency news.\u00a0<\/p>\n<p>The scammers promote trading bots that steal users&#8217; funds. Videos are created using AI, and negative comments are swiftly removed.\u00a0<\/p>\n<p>Victims are encouraged to deploy a smart contract that conceals the cybercriminals&#8217; address. Once funded, the money is sent to the scammers&#8217; wallets.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/AD_4nXfj3WAUkASrfMd712g-tbNEVS4EwntSsdpYvsa55FNL8ZBDF08GC1hwfaK3ROFwphvyWfO9eWqjWZJzgROnTBhELpPCC9dptZK-1dAX6wn9RuSBg9vBD_DfpUP6AvdTGh3MGgEcoA.webp\" alt=\"Scammers Target Aave Users Through Google Ads\" class=\"wp-image-263465\"\/><figcaption class=\"wp-element-caption\">An example of instructions for funding a fraudulent smart contract. Source: SentinelLABS.\u00a0<\/figcaption><\/figure>\n<p>According to specialists, users are asked to deposit a minimum of 0.5 ETH (~$1829 at current rates) to launch the bot and cover fees. One fraudulent address has already received about 244.9 ETH, while two others have received 7.59 and 4.19 ETH. In total, this exceeds $939,000.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cWe have observed the use of the same wallet in several malicious smart contracts. However, numerous unique addresses are involved, making it impossible to determine the exact number of scammers,\u201d noted SentinelLABS.\u00a0<\/p>\n<\/blockquote>\n<p>Earlier, on August 6, a crypto investor <a href=\"https:\/\/forklog.com\/en\/news\/cryptocurrency-investor-loses-3-million-with-a-single-click\">lost<\/a> $3 million by signing a malicious transaction. The phishing attack employed a common tactic: scammers create fake addresses or links that mimic legitimate ones.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals have launched a phishing campaign targeting Aave users via Google Ads, according to cybersecurity experts at PeckShield. #PeckShieldAlert Fake &#8220;Aave&#8221; ads are topping Google search results. The phishing site is aaxe[.]co[.]com. The ads are designed to drain your wallet through malicious transaction signatures. pic.twitter.com\/LdVHMflFAT \u2014 PeckShieldAlert (@PeckShieldAlert) August 7, 2025 The perpetrators placed paid [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":25912,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1212,1246,1103],"class_list":["post-25913","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-aave","tag-scammers","tag-youtube"],"aioseo_notices":[],"amp_enabled":true,"views":"134","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/25913","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=25913"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/25913\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/25912"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=25913"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=25913"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=25913"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}