DNS/CDN/frontend hash drift

Ethena's assessment for RD-F-105 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Confirmed prior breach: Sep 18, 2024 — Ethena domain registrar (for ethena.fi) was compromised via social engineering of the registrar, attacker changed admin email, hosted a phishing site for approximately 2 hours before automated detection and industry partner response restored the domain within 2 hours. Domain subsequently migrated to a more secure registrar. User compensation processed for affected users. Ongoing threat: multiple impersonator phishing sites documented in 2025-2026 (Claim Ethena Scam Jul/Nov 2025, ENA Rewards Scam Feb 2026). These are third-party impersonators, not DNS drift of ethena.fi itself, but demonstrate ongoing campaign pressure on the Ethena brand that makes DNS/frontend integrity monitoring critical.

Sources #

URL
https://crypto.news/ethena-labs-halts-website-after-frontend-hack/retrieved 2026-05-06
URL
Ethena Labs suffers frontend attack | CryptoBriefingCryptoBriefing: Ethena frontend attack confirmed — protocol unaffected, funds saferetrieved 2026-04-28
URL
Ethena ENA Rewards Scam | PCRiskPCRisk: ENA Rewards Scam — documented Feb 2026 (within 90-day window)retrieved 2026-04-28

Methodology #

Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol ethena factor RD-F-105 score yellow collected_at 2026-04-28 13:58:51