With Unichain’s testnet launch, scammers set up a fake website to drain funds from unsuspecting users.
Through a strategy that has become prevalent for scammers to drain users’ crypto, cybercriminals leveraged the Unichain hype to steal funds by advertising a fake website at the top of Google search results. Unichain is an Ethereum layer-2, under development by Uniswap Labs, the firm behind the largest decentralized exchange (DEX), Uniswap.
The Unichain network is still in its testnet phase, with its mainnet launch set for sometime later this year, according to the announcement post issued by Uniswap Labs regarding the layer-2. This, being a massive development in the DeFi space, has users and developers wanting to check out the current testnet implementation. Scammers, well aware of this fact, decided to capitalize off the Google searches for the layer 2.
They evaded the search engine’s filters to list their fake website at the top of searches through a sponsored placement. The URL reflecting on the sponsored section was identical to Unichain’s address—unichain.org. However, clicking on the advertisement redirected users to the fake website that mirrored the Unichain one. The only things different were the “connect wallet” and “bridge” buttons, which only exist on the fake website. The real deal has “get started” and “read the docs” buttons in their place.
Users who made their way to the fake one when linking their wallets, like MetaMask, were met with transaction requests, which, if approved, would drain their wallets’ holdings. It is unclear if anybody lost their assets to this scam as the issue was resolved quickly, with Google taking down the advertisement not very long after it went live. MetaMask warns users of the contract being a scam, reading, “If you approve this request, a third party known for scams will take all your assets.”
Blockchain security firm Scam Sniffer reported the fake website sitting at the top of Google search results via an X post. “Be cautious of Google phishing ads for @Unichain.” It continued, “If you accidentally click, your assets may disappear after you connect your wallet and sign the phishing signature.”
Source: Scam Sniffer
Search Engine Manipulation Is Proving to be a Problem
Phishing scams are on the rise, and so are the ones occurring through manipulating search engine sponsored posts and organic results. DuckDuckGo’s users were treated to something similar to the Unichain episode when an Etherscan clone ranked organically and became the second result when users searched for the Ethereum block explorer.