DNS/CDN/frontend hash drift

Symbiotic's assessment for RD-F-105 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

DNS/frontend drift signal is elevated due to confirmed historical X account compromise (Oct 4-7, 2024) by unknown threat actor who posted phishing links mimicking symbiotic.fi for 3+ days. Phishing domain ailocations-symbioticfi[.]com confirmed active and documented by security researchers. Protocol uses symbiotic.fi as primary frontend. No confirmed current DNS or JS-hash drift as of 2026-05-16, but: (1) historical compromise establishes threat-actor targeting interest; (2) active phishing domain remains live; (3) SYMBIOTIC token airdrop (TGE Nov 2024) sustains above-baseline impersonation activity. No public baseline JS hash published by protocol; change-management allowlist status unknown.

Sources #

URL
Symbiotic X — Twitter Incident UpdateSymbiotic official X post confirming account compromise Oct 4-7 2024retrieved 2026-05-16
URL
Binance News — Symbiotic X account hackedBinance News — Symbiotic X account hacked phishing warningretrieved 2026-05-16
URL
PCRisk — Symbiotic Participation Award ScamPCRisk removal guide — ailocations-symbioticfi[.]com phishing domain impersonating symbiotic.firetrieved 2026-05-16

Methodology #

Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol symbiotic factor RD-F-105 score yellow collected_at 2026-05-16 09:25:24