DNS/CDN/frontend hash drift
Jupiter's assessment for RD-F-105 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
DNS/frontend drift signal applicable — jup.ag active frontend. Confirmed Feb 2025 official X account compromise (attacker promoted $MEOW fake memecoin; ~$20M user losses from scam tokens; account recovered within hours). Multiple active impersonator domains documented (jup-v2.com, jupgifts.com, jup.ag-rewards.lat etc.). No confirmed hash drift on primary jup.ag DNS/CDN at assessment date. Signal elevated to yellow: (1) confirmed precedent of official channel compromise Feb 2025, (2) dense phishing ecosystem validates adversarial capability, (3) jup.ag-rewards.lat flagged 2 security vendors 2026-04-25.
Sources #
- URLJupiter JUP Rewards Scam — PCRiskPCRisk: Jupiter JUP Rewards Scam — active phishing via jupgifts.com and similar domainsretrieved 2026-04-29
- jup.ag-rewards.lat Domain Security Reportphishdestroy.io: jup.ag-rewards.lat flagged by 2 security vendors as of 2026-04-25retrieved 2026-04-29
- Jupiter X Account Recovered — crypto.newscrypto.news: Jupiter recovers official X account after scammers promote MEOWretrieved 2026-04-29
- Jupiter X Account Hacked — KuCoin Feb 2025KuCoin news: Jupiter DEX X Account Hacked to Promote Scam Memecoins — ~$20M user losses, Feb 2025retrieved 2026-04-29
Methodology #
Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.
See the full factor methodology and distribution across all protocols →