# backpackwallet.exchange — MALICIOUS > backpackwallet.exchange is an ACTIVE crypto drainer. VirusTotal reports 6/95 security vendors flag it. Check the full report for safety guidance. ## Summary PhishDestroy identifies backpackwallet.exchange as an active crypto drainer. This domain poses a significant threat to cryptocurrency users by attempting to steal their assets through unauthorized transactions. The domain does not appear to impersonate any specific brand, but the general nature of crypto drainers means any crypto user is at risk. Technical indicators reveal that backpackwallet.exchange has a VirusTotal score of 6/95, indicating that multiple security vendors have flagged it as malicious. The domain is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to IP address 216.198.79.1. Its SSL certificate is provided by Let's Encrypt. The domain was created on March 23, 2026, which is in the future, suggesting a typo or inaccurate data. The domain appears on 2 security blocklists and is specifically blocked by SEAL and MetaMask. Currently, backpackwallet.exchange is active and presents an elevated risk to users. Immediate response actions include adding the domain to local blocklists and alerting cryptocurrency communities about this threat. Users are advised to avoid interacting with this domain and to exercise extreme caution when dealing with any communications or websites associated with it. Further investigation and monitoring are recommended to track the domain's activity and identify potential victims. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-23 17:09:30 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 216.198.79.1 ## Detection Status - VirusTotal: 6 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["SEAL", "MetaMask"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/11a98f58-dd6b-46bc-a05c-5d654404b183 - PhishDestroy: https://phishdestroy.io/domain/backpackwallet.exchange/ - LLM endpoint: https://phishdestroy.io/domain/backpackwallet.exchange/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/backpackwallet.exchange/ Last updated: 2026-03-25