# atomic-extension.wixstudio.com — SUSPICIOUS > PhishDestroy flags atomic-extension.wixstudio.com for fake cryptocurrency wallet phishing. VT 0/95 detections. Check the full report. ## Summary PhishDestroy identifies active phishing at atomic-extension.wixstudio.com impersonating a cryptocurrency wallet service to harvest private keys and seed phrases. The page is weaponized to trick users into connecting malicious browser extensions that steal crypto assets; traffic is routed through IP 34.144.206.118 and served over a Let’s Encrypt SSL certificate to appear legitimate. Threat type: generic_phishing with confirmed extension-delivery payload, currently under investigation by security teams. This domain was flagged with VirusTotal showing 0 detections out of 95 engines as of the latest scan, resolving to IP 34.144.206.118 via a Let’s Encrypt certificate (valid chain, no revocation). WHOIS records are obscured through Wix domains, so creation date is not publicly available, and no public blocklist entries (e.g., PhishTank, OpenPhish, Google Safe Browsing) currently list this domain. Tranco and Majestic trust scores are unavailable due to domain cloaking, indicating low organic reputation. Mitigation steps include blocking atomic-extension.wixstudio.com and its resolving IP 34.144.206.118 at the network perimeter using DNS sinkholing or firewall rules. Users should avoid downloading or installing any browser extensions advertised via this domain, especially those requesting wallet connection permissions. Enterprises should deploy endpoint detection and response (EDR) rules to monitor for cryptocurrency wallet process manipulation or unauthorized extension installations. Report indicators to threat intelligence platforms under seed 158ad8 for correlation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/atomic-extension.wixstudio.com - PhishDestroy: https://phishdestroy.io/domain/atomic-extension.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/atomic-extension.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/atomic-extension.wixstudio.com/ Last updated: 2026-04-08