Ethena Voting Rewards Scam

Cybersecurity researchers have identified dao-ethena.fi as a fraudulent website that impersonates the legitimate Ethena platform. The genuine Ethena service operates through the official domain ethena.fi and functions as a decentralized finance (DeFi) protocol built on Ethereum. It issues USDe, a synthetic US dollar, and ENA, its governance token, using delta-neutral derivative positions designed to maintain stability.

The website at dao-ethena.fi is not associated with the legitimate Ethena platform or with any genuine company, organization, or entity. Instead, it has been created to deceive cryptocurrency users into connecting their wallets under the false promise of participating in an exclusive rewards initiative.

The Fake 'Season 7 Rewards' Proposal

The fraudulent page closely imitates the appearance and branding of Ethena's governance interface. Visitors are presented with an alleged 'Ethena Season 7 Rewards Proposal' and are encouraged to vote on how ENA rewards should be distributed. To increase urgency and entice participation, the site claims that the first 5,000 voters will receive a special multiplier on their positions.

The proposal is entirely fabricated. Its real purpose is not governance participation but the theft of cryptocurrency assets from unsuspecting users.

How the Wallet Drainer Works

To take part in the supposed voting process, visitors are instructed to connect a cryptocurrency wallet. The site advertises compatibility with more than 530 wallet providers, including MetaMask, Trust Wallet, WalletConnect, Binance Wallet, and SafePal.

Once a wallet is connected, a cryptocurrency drainer is triggered. Rather than enabling voting functionality, the malicious mechanism initiates unauthorized transactions that transfer digital assets from the victim's wallet to addresses controlled by cybercriminals. This process can occur automatically, requiring no further interaction from the victim after the initial connection.

Because blockchain transactions are intentionally designed to be irreversible, any funds transferred through the drainer are typically lost permanently.

Why Cryptocurrency Users Are Frequent Targets

The cryptocurrency sector remains one of the most attractive environments for online scammers. Several characteristics make it particularly appealing to cybercriminals:

• Blockchain transactions are generally irreversible, making stolen funds difficult or impossible to recover.
• Cryptocurrency wallets can hold significant financial value and can often be accessed through a single approval or connection request.
• Many users actively seek reward programs, token distributions, governance opportunities, and airdrops, creating ideal conditions for social engineering.
• The decentralized nature of the ecosystem allows fraudulent websites to appear and disappear rapidly, often before they are reported and removed.

These factors enable scammers to generate substantial profits while minimizing the chances of victims recovering their assets.

The Threat of DeFi Impersonation Sites

The Ethena Voting Rewards scam is part of a broader trend involving fraudulent websites that imitate legitimate DeFi projects. Such pages often replicate official branding, layouts, and messaging with remarkable accuracy. They commonly lure users with promises of governance participation, exclusive rewards, staking benefits, token bonuses, or limited-time opportunities.

In many cases, the visual similarities between legitimate and malicious platforms are so convincing that users may overlook subtle differences in domain names and website addresses. This makes careful verification of URLs essential before connecting a wallet or approving any transaction.

How Victims Are Directed to These Fraudulent Pages

Cybercriminals rely on multiple distribution channels to attract visitors to fake crypto platforms. Common methods include social media impersonation campaigns, malicious advertisements, phishing messages, and deceptive notifications.

Fraudulent links are frequently promoted through compromised or fake accounts on platforms such as X (Twitter), Discord, and Telegram. Attackers often impersonate well-known projects, influencers, developers, or official team members to make their schemes appear trustworthy. Users may also encounter these scams through malicious advertising networks operating on torrent websites, unofficial streaming platforms, and other unreliable online services. Phishing emails, adware-generated advertisements, and browser notifications from untrustworthy websites can further increase exposure to such threats.

Protecting Yourself from Wallet Drainer Scams

Before connecting a cryptocurrency wallet to any platform, users should independently verify the website's legitimacy and carefully examine the domain name. Reward campaigns, governance votes, and promotional events should always be confirmed through official project channels.

In the case of this scam, users should remember that the authentic Ethena platform operates exclusively through ethena.fi. The fraudulent domain dao-ethena.fi exists solely to trick visitors into connecting their wallets, enabling a cryptocurrency drainer that steals digital assets. Any interaction with the fake platform may result in the permanent loss of funds.