Protocol-impersonator domain registered (typosquat)
Jupiter's assessment for RD-F-161 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Multiple confirmed active protocol-impersonator domains documented: jup-v2.com, jup-airdrop.onspace.app, jupgifts.com, jup.ag-rewards.lat (flagged 2 security vendors 2026-04-25), jup-ag.gd, jupbox.net, ijup.ag, jup-drop.live, jup-solution.world, jupag.uk. Active wallet-draining phishing operations confirmed (Jupiter JUP Rewards Scam, Jupiter Airdrop Scam). jup.ag-rewards.lat confirmed within 90-day window (flagged 2026-04-25 = 4 days before assessment). Feb 2025 X account compromise amplified adversarial capability demonstrated. Red finding: multiple registrations within 90d window with active phishing victims confirmed.
Sources #
- URLJupiter Airdrop Scam — PCRisk Removal GuidePCRisk: Jupiter Airdrop Scam — additional active domain setretrieved 2026-04-29
- Jupiter JUP Rewards Scam — EnigmaSoft SpyHunterEnigmaSoft: Jupiter JUP Rewards Scam removal — lists active impersonator domains and draining mechanismretrieved 2026-04-29
- jup.ag-rewards.lat Domain Security Report — PhishDestroyphishdestroy.io: jup.ag-rewards.lat flagged by 2 security vendors as of 2026-04-25 — within 90-day windowretrieved 2026-04-29
- jup-ag.gd ScamAdviser ReportScamAdviser: jup-ag.gd flagged; multiple review entries confirming impersonator domainsretrieved 2026-04-29
- Jupiter JUP Rewards Scam — PCRisk Removal GuidePCRisk: Jupiter JUP Rewards Scam active on jupgifts.com and multiple domains; wallet draining confirmedretrieved 2026-04-29
Methodology #
Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.
See the full factor methodology and distribution across all protocols →