# backfoundation.cc — SUSPICIOUS > PhishDestroy flags backfoundation.cc as a crypto drainer domain with 0/95 VirusTotal detections. Stop fund loss now. ## Summary PhishDestroy identifies backfoundation.cc as an active crypto drainer domain currently under investigation. This domain was flagged for hosting a generic phishing campaign targeting cryptocurrency users, with the explicit goal of siphoning funds from unsuspecting victims. The registration details and technical footprint suggest a recently deployed infrastructure designed to evade early detection mechanisms, making it particularly dangerous for wallet holders and DeFi participants. This domain was registered on March 17, 2026, through Web Commerce Communications Limited dba WebNic.cc, and currently resolves to the IP address 188.114.97.3. Notably, VirusTotal shows 0 detections out of 95 security vendors as of the time of analysis, indicating that signature-based detection has not yet flagged this domain. The domain uses a Let's Encrypt SSL certificate, which is commonly leveraged by threat actors to establish perceived legitimacy. Additional risk factors include its recent registration date and lack of historical data, suggesting a new and potentially volatile campaign. To mitigate exposure to this crypto drainer domain, users should immediately block the domain and IP address 188.114.97.3 at the network and DNS levels. Cryptocurrency wallet users are strongly advised to verify all URLs manually, enable transaction simulation tools where available, and use hardware wallets for critical operations. Organizations should integrate threat intelligence feeds that include newly registered domains and regularly update firewall and endpoint protection rules. Monitoring for connections to this domain via SIEM or network logs is critical to prevent fund loss. Exercise heightened caution with any interaction involving backfoundation.cc. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-17 16:51:15 - Registrar: Web Commerce Communications Limited dba WebNic.cc - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e180c91e-a078-45d4-b955-eee7781cf170 - PhishDestroy: https://phishdestroy.io/domain/backfoundation.cc/ - LLM endpoint: https://phishdestroy.io/domain/backfoundation.cc/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/backfoundation.cc/ Last updated: 2026-03-21