# ach-swap.com — SUSPICIOUS

> PhishDestroy flags ach-swap.com as a crypto drainer phishing domain resolving to 194.87.125.233 with 0/95 VirusTotal detections. Do not connect wallets.

## Summary
PhishDestroy identifies ach-swap.com as an active generic phishing domain deploying a crypto drainer kit. The site mimics legitimate swap interfaces to trick users into connecting wallets and signing malicious transactions. Early-stage analysis places the risk level under investigation, but live phishing content is already intercepting crypto transfers.

This domain was flagged on March 24, 2026, and is registered through Gransy, s.r.o. It resolves to IPv4 194.87.125.233 and holds a Let’s Encrypt SSL certificate for added legitimacy. VirusTotal shows 0 detections out of 95 scanners, indicating no AV coverage yet. No public blocklists have listed ach-swap.com, and the domain’s trust score remains neutral due to its recent creation. The absence of detections suggests the campaign is still ramping up, giving it a narrow window to cause damage before signature-based defenses catch up.

Users should immediately avoid connecting wallets or entering seed phrases on ach-swap.com. Verify any swap interface by cross-checking the official domain on PhishDestroy before signing any transactions. If funds are drained, file a complaint with local cybercrime units and revoke wallet approvals via Etherscan or equivalent block explorers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-24 17:52:02
- Registrar: Gransy, s.r.o.
- IP: 194.87.125.233

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ae489f41-aed8-4653-ab2e-029f23690490
- PhishDestroy: https://phishdestroy.io/domain/ach-swap.com/
- LLM endpoint: https://phishdestroy.io/domain/ach-swap.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ach-swap.com/
Last updated: 2026-04-01