Scammers targeted Aave users via Google Ads after deposit milestone

11.08.2025

The Aave protocol recently hit a major milestone – the total value of deposits on the platform exceeded $60 billion. This achievement was significant both for the developers and the crypto community, as it reflected high trust and deep integration of DeFi services into the broader financial ecosystem. However, the celebration didn’t last long. Almost immediately after the record was publicized, dangerous fake websites disguised as official Aave resources began appearing in Google search results. Scammers used Google Ads to promote phishing pages with domains that closely resembled the real one. One such example was aaxe[.]co[.]com – visually almost identical to Aave’s official domain. Victims who visited these fake sites were either prompted to input wallet data or connect their wallets directly. At that point, the attackers gained access to the funds. A single confirmation via a smart contract was enough for the assets to be drained and transferred to addresses from which they couldn’t be recovered. What made this attack especially dangerous was its timing. While some users were celebrating the protocol’s success, others were already losing money. The scammers understood user behavior well: after positive news, caution drops, and a fake site can easily pass for an official one. Google Ads only added to the illusion of legitimacy, as many people assume such ads go through proper verification. In reality, Google’s moderation can’t always filter malicious content quickly enough. Despite strict ad policies, fraudulent domains still make it through. This makes paid search results particularly vulnerable for crypto users. The full extent of the damage is still unknown, but cybersecurity researchers and analysts have already issued warnings. Users are advised to be extremely cautious when clicking on ads – especially when wallets or smart contract interactions are involved. Double-checking the URL can make a critical difference. It's better to type the address manually or use bookmarks rather than clicking on the top search results. The Aave incident highlights once again: even well-established platforms can be used in fraud schemes when users let their guard down. In the DeFi world, security is a shared responsibility – not only of developers but also of every individual who interacts with crypto. Fake websites, spoofed wallet connections, and misleading ads are part of today’s landscape, and staying informed is just as important as staying profitable.