Aave Becomes Scam Target After Reaching $60 Billion Milestone

Just one day after reaching a net deposit level of $60 billion, the decentralized lending protocol Aave became the target of a large-scale phishing campaign via the Google Ads platform.

On August 6, Aave officially became the first DeFi protocol to reach a TVL of $60 billion, distributed across 14 different blockchains. This figure represents an impressive threefold growth compared to the same period last year, affirming Aave's leading position in the decentralized lending segment.

However, this success also attracted the attention of cybercrime groups. Just one day after the announcement, fake ads appeared on Google's search results page, luring users to access malicious websites designed to closely mimic the official Aave interface.

According to a report from the blockchain security company PeckShield, hackers have exploited Google's advertising system to deploy malicious links to deceive Aave users. This incident reflects the increasing trend of attacks targeting large-scale and high-liquidity DeFi protocols.

PeckShield warns of fake Aave websites. Source: PeckShield

This phishing tactic exploits users' trust in reputable brands and the popularity of Google Search. When users click on the fake advertising link, they will be redirected to a website that closely resembles the official Aave platform. Here, victims will be prompted to connect their cryptocurrency wallets and grant access to the fake application.

Once this authority is granted, the attacker can conduct unauthorized transactions and withdraw all assets from the user's wallet. Due to the immutable nature of blockchain, these transactions are virtually irreversible. Although specific financial losses have not been disclosed, the use of Google Ads as a distribution channel indicates the potential impact on a large number of prospective users. This incident highlights a rule in the DeFi space: high scale and liquidity correlate with the level of attraction from malicious actors.

Security experts advise users to take proactive precautions. First, always thoroughly verify the URL before making any transactions, prioritizing direct access rather than through advertising links. Second, use access management tools like Revoke.cash to monitor and revoke permissions granted to decentralized applications.