# app.synecdochedex.fun — SUSPICIOUS > PhishDestroy identifies app.synecdochedex.fun as a crypto drainer phishing domain impersonating Synecdoche Dex. Verify safety on PhishDestroy before interacting. ## Summary PhishDestroy identifies app.synecdochedex.fun as an active crypto drainer phishing domain. The domain mimics Synecdoche Dex, a cryptocurrency trading platform, to deceive users into connecting malicious wallets. Threat actors leverage this domain to siphon cryptocurrency assets under the guise of legitimate transactions. The infrastructure relies on deceptive branding to exploit user trust in familiar crypto services. This domain was flagged with a VirusTotal detection score of 0/95, indicating no immediate antivirus or security vendor recognition as malicious. It was registered on January 19, 2026, through NAMECHEAP INC and resolves to the IP address 64.29.17.65. The domain utilizes a valid SSL certificate issued by Let's Encrypt, enhancing its appearance of legitimacy. As of the latest scan, the domain remains unlisted on Google Safe Browsing (GSB) and has not been added to major blocklists, suggesting a newly emerged or rapidly evolving threat. The domain is currently active and under investigation by PhishDestroy. No public blocklist entries or vendor detections have been recorded, leaving users vulnerable to exposure. Immediate actions include domain takedown requests to hosting providers and continued monitoring for additional IOCs. The remaining risk is classified as active but under investigation, with users advised to avoid interaction until further analysis is complete. PhishDestroy recommends verifying the safety of this domain using its threat intelligence database before any engagement. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-19 15:59:35 - Registrar: NAMECHEAP INC - IP: 64.29.17.65 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/78a9f8d1-5200-4688-be6c-156771bf5174 - PhishDestroy: https://phishdestroy.io/domain/app.synecdochedex.fun/ - LLM endpoint: https://phishdestroy.io/domain/app.synecdochedex.fun/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/app.synecdochedex.fun/ Last updated: 2026-03-29