Phishing Attack Targets Aave Users After Hitting $60B in Net Deposits
2 Mins Read
Just one day after Aave became the first DeFi protocol to surpass $60 billion in net deposits, the platform’s users were targeted in a phishing attack leveraging malicious Google Ads. The timing has raised concerns about security risks surrounding large-scale decentralized protocols.
According to PeckShield, a blockchain security firm, the phishing campaign involved fake Aave investment platforms promoted through Google Ads, tricking users into linking their wallets to fraudulent sites. Once connected, scammers can gain access to user wallets and irreversibly drain assets.
“These attacks are becoming more sophisticated and often mimic real platforms with surprising accuracy,” noted a security researcher monitoring the campaign.
Milestone Followed by Malware
Aave announced on Wednesday that it had reached $60 billion in net deposits across 14 supported networks, tripling its deposits from $18 billion a year ago, according to data from Token Terminal.
“Aave’s rapid growth in the DeFi space makes it a natural target for phishing campaigns,” one analyst commented. “Users must remain vigilant, especially when using search engines to access DeFi platforms.”
#PeckShieldAlert Fake "Aave" ads are topping Google search results.
The phishing site is aaxe[.]co[.]com.
The ads are designed to drain your wallet through malicious transaction signatures. pic.twitter.com/LdVHMflFAT
Phishing scams often mimic trusted services, luring victims to enter sensitive information like seed phrases or private keys. The current campaign poses a high threat level due to its use of Google’s ad platform for distribution.
Security experts advise users to:
Double-check URLs before connecting wallets or depositing funds
Use browser bookmarks for accessing DeFi platforms
Revoke wallet approvals via tools like Revoke.cash
Immediately transfer assets if a wallet is compromised
Never reuse compromised wallets, as scammers may continue monitoring them
“The safest move after any compromise is to migrate to a new wallet and review all approval permissions,” the researcher added.
As Aave celebrates a major DeFi milestone, the phishing attack underscores the ongoing need for user education and vigilance in the evolving Web3 ecosystem.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.
