# basewallet.coinbase.com.https-base.app — SUSPICIOUS

> Security researchers have identified basewallet[.]coinbase[.]com[.]https-base[.]app as a malicious phishing site masquerading as Coinbase. The domain attempts to harvest crypto wallet credentials through a fake interface. This threat has been added to multiple blocklists for community protection.

## Summary
Threat Overview
The domain basewallet[.]coinbase[.]com[.]https-base[.]app has been identified as a phishing website designed to impersonate Coinbase. This malicious site targets cryptocurrency users by creating a convincing replica of the legitimate Coinbase platform.
Attack Vector
The phishing site attempts to trick users into connecting their wallets or entering their seed phrases and private keys. Once captured, the attackers use these credentials to drain victims' cryptocurrency holdings.
Risk Indicators

- Domain registered on a standard TLD (app)
- Contains brand keywords associated with Coinbase
- Domain length: 38 characters
- Unusually long domain name — a common phishing technique
- Uses multiple subdomains to appear more legitimate
- Drainer Detected

Recommendations
Always access Coinbase through the official website. Never enter your seed phrase or private keys on any website. Use hardware wallets for additional security.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP ?)
- Target brand: Coinbase
- Page title: Base Vault

## Domain Intelligence
- Registered: 2026-03-13 01:07:02
- Registrar: REGISTRAR_NOT_FOUND
- Country: Unknown
- IP: 45.13.238.34
- Nameservers: NS_NOT_FOUND

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["ChainPatrol", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/KpwQWjDB/f6cf381c5566.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/fda33743-b9ac-4ba1-9b1c-e76d9cef5ba6
- PhishDestroy: https://phishdestroy.io/domain/basewallet.coinbase.com.https-base.app/
- LLM endpoint: https://phishdestroy.io/domain/basewallet.coinbase.com.https-base.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/basewallet.coinbase.com.https-base.app/
Last updated: 2026-03-14