Social-media impersonation scam spike

Rocket Pool's assessment for RD-F-109 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Signal applicable: Rocket Pool is a top-20 DeFi brand by recognition. January 2024 X account compromise used rocketpool-migrating.net phishing domain — confirmed coordinated impersonation campaign executed against brand. X account compromised at ~6:30 pm UTC 2024-01-17; posts removed ~7:05 pm UTC then reposted. Recovery within ~35 minutes. As of 2026-05-04, no new coordinated campaign documented but brand recognition implies a baseline of 1–2 impersonation accounts at any time is expected. September 2023 phishing event separately demonstrated rETH/stETH holders are active targets ($24M stolen). Scored yellow: prior confirmed campaign establishes elevated impersonation risk; no active coordinated campaign confirmed today.

Sources #

URL
CoinGape — RP X account hijackCoinGape — Rocket Pool X users alerted to fake hack by hijacked accountretrieved 2026-05-04
URL
https://crypto.news/rocket-pools-x-account-compromised/retrieved 2026-05-06
URL
Eulith — RP URL misdirect analysisEulith — Rocket Pool URL misdirect hack explanation (rocketpool-migrating.net phishing domain)retrieved 2026-05-04

Methodology #

Detect a sharp uptick in Discord/Telegram/X accounts impersonating the protocol team or announcing fake airdrops.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol rocket-pool factor RD-F-109 score yellow collected_at 2026-05-04 15:40:28