Protocol-impersonator domain registered (typosquat)

PancakeSwap's assessment for RD-F-161 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

CONFIRMED RED. Active confirmed typosquat domain: web2.pancake.run flagged by 14 security vendors as a live crypto drainer portal targeting PancakeSwap users (phishdestroy.io, retrieved 2026-04-28). Browser-extension impersonation attacks active. Historical precedent: hundreds of PancakeSwap typosquat domains registered Summer 2021. October 2025 Chinese X account compromise drove users to phishing sites impersonating PancakeSwap (fake 'Sir Pancake' token). Persistent high-value target: $1.73B TVL, large retail BSC user base, top-20 DeFi brand recognition. Threshold (registrar within 90 days + live drainer) clearly met.

Sources #

URL
PancakeSwap Confirms X Account Hack After Fake 'Sir Pancake' Token Scam (Oct 2025)TradingView Oct 2025 X hack impersonationretrieved 2026-04-28
URL
Summer of Scammers: PancakeSwap cryptocurrency thieves — hundreds of typosquat domainsBushidoToken typosquat blog 2021retrieved 2026-04-28
URL
web2.pancake.run — Scam or Legit? Domain Security Report (14 vendor flags, live drainer)phishdestroy.io active drainer domainretrieved 2026-04-28

Methodology #

Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol pancakeswap factor RD-F-161 score red collected_at 2026-04-28 19:10:57