# bitcoinrpow.net — SUSPICIOUS > PhishDestroy identifies bitcoinrpow.net as a Bitcoin wallet drainer scam. This domain registered in 2021 is now under investigation. Check the full report. ## Summary PhishDestroy identifies bitcoinrpow.net as a fraudulent domain designed to impersonate Bitcoin services, specifically targeting cryptocurrency users. The threat type is classified as brand impersonation, where the domain mimics legitimate Bitcoin-related branding to deceive visitors. This site is suspected to host a wallet drainer kit—a malicious script that drains cryptocurrency from victims' wallets upon interaction. Given the high-risk nature of wallet drainers, which can result in immediate financial loss, this domain poses a significant threat to unsuspecting users. Technical analysis reveals the following indicators: the domain resolves to IP address 104.21.5.133 and was created on January 20, 2021. It is registered through Cloudflare, Inc., which may be leveraged to obscure the true ownership and hosting details. The domain currently has a VirusTotal detection score of 0/95, meaning it evades detection by most antivirus engines as of the latest scan. It holds a valid SSL certificate issued by Google Trust Services, a tactic often used to appear legitimate and gain user trust. Additionally, this domain remains unlisted on major blocklists, further reducing its chances of early detection by security tools. As of the latest assessment, bitcoinrpow.net is active and under investigation, with no confirmed takedown or blocklisting status. Immediate response actions include monitoring and continued forensic analysis to determine the full scope of its operations and potential victims. The remaining risk is classified as high due to the domain's potential to cause immediate financial harm through cryptocurrency theft. Users are strongly advised to avoid interacting with this domain, verify the authenticity of any Bitcoin-related websites independently, and report suspicious activity to relevant cybersecurity authorities. Enhanced caution is required when handling cryptocurrency transactions to prevent falling victim to similar scams. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Bitcoin ## Domain Intelligence - Registered: 2021-01-20 05:55:57 - Registrar: Cloudflare, Inc. - IP: 104.21.5.133 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/40b6ed97-9820-4cb4-ad17-1315b70793f3 - PhishDestroy: https://phishdestroy.io/domain/bitcoinrpow.net/ - LLM endpoint: https://phishdestroy.io/domain/bitcoinrpow.net/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bitcoinrpow.net/ Last updated: 2026-04-01