Protocol-impersonator domain registered (typosquat)
Raydium's assessment for RD-F-161 — scored not_assessed on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Cat 11 threat intel signal (v1-deferred). Multiple confirmed active typosquat domains documented: (1) raydiumn.icu — registered September 2025, PhishDestroy brand impersonation warning (phishdestroy.io/domain/raydiumn.icu); (2) raydium-io.to — high-risk phishing domain using 'Swap Raydium | Solana' branding (phishdestroy.io/domain/www.raydium-io.to); (3) raydiumswap.site — fake 'Raydium Airdrop Claim' page registered October 2025 (phishdestroy.io/domain/raydiumswap.site). Additionally: fake Raydium mobile apps on Apple App Store (2025) stealing recovery phrases; fake staking websites (PCRisk catalogued). At least 2–3 domains registered within last 6 months. Threshold: typosquat of official domain registered within last 90 days — multiple domains qualify. Raydium's brand is heavily impersonated. Yellow (not red) because: impersonation targets users, not protocol infrastructure directly; signal is threat-intel rather than exploit-in-progress. This is structurally elevated for Raydium vs.
Sources #
- URLRaydium Airdrop Scam Removal Guide — PCRiskPCRisk: Fake Raydium Airdrop Scam — raydium-usa.xyz and related domainsretrieved 2026-04-29
- raydiumswap.site Domain Security Report — PhishDestroyPhishDestroy: raydiumswap.site fake airdrop claim page registered October 2025retrieved 2026-04-29
- raydium-io.to Domain Security Report — PhishDestroyPhishDestroy: raydium-io.to high-risk phishing domainretrieved 2026-04-29
- Warning: raydiumn.icu Brand Impersonation — PhishDestroyPhishDestroy: raydiumn.icu registered September 2025 — Raydium brand impersonation warningretrieved 2026-04-29
Methodology #
Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.
See the full factor methodology and distribution across all protocols →