Protocol-impersonator domain registered (typosquat)

Ethena's assessment for RD-F-161 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Multiple documented Ethena-impersonating phishing sites active across 2025-2026. Feb 2026 instance ('ENA Rewards Scam') is within the 90-day window from assessment date (2026-04-28). Jul 2025 and Nov 2025 'Claim Ethena Scam' instances also documented. Sep 2024 confirmed domain registrar compromise of ethena.fi itself (most severe — social engineering changed admin email, phishing site live for ~2 hours, remediated by migrating registrar). Additionally, app-ethena.github.io impersonation site was observed in search results. The sustained campaign pattern (4+ documented instances across 18 months, including one compromise of the actual domain) warrants red classification.

Sources #

URL
https://crypto.news/ethena-labs-halts-website-after-frontend-hack/retrieved 2026-05-06
URL
Ethena ENA Rewards Scam | PCRiskPCRisk: ENA Rewards Scam — February 2026 instance (within 90-day window)retrieved 2026-04-28
URL
Claim Ethena Scam | PCRiskPCRisk: Claim Ethena Scam — July 2025 and November 2025 instancesretrieved 2026-04-28

Methodology #

Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol ethena factor RD-F-161 score red collected_at 2026-04-28 13:58:51