# bitmax999.com — SUSPICIOUS

> bitmax999.com is a freshly registered domain (Feb 2026) hosting a spoofed cryptocurrency exchange landing page. It resolves to 188.114.97.

## Summary
bitmax999.com has been flagged for a generic phishing campaign mimicking a legitimate cryptocurrency exchange platform. The domain leverages a recently issued Let's Encrypt SSL certificate to appear authentic and is associated with a drainer kit designed to harvest wallet credentials and initiate unauthorized transfers. Analysis suggests the threat actor is targeting users familiar with established trading platforms by exploiting the 'bitmax' branding to lower suspicion.  This domain was registered on February 25, 2026, through GMO Internet, Inc., and resolves to IP 188.114.97.3. VirusTotal currently shows zero detections (0/95), and the domain remains unlisted on Google Safe Browsing (GSB) as well as major blocklists at the time of investigation.  bitmax999.com remains active and under active monitoring. Immediate response includes blocking the domain at DNS and network levels, flagging the associated IP for further scrutiny, and updating internal threat intelligence feeds. While current detections are minimal, the domain's recent registration and lack of historical reputation warrant high caution. Users are advised to avoid interacting with this domain and report any suspicious transactions or credential theft linked to it.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-25 06:32:53
- Registrar: GMO Internet, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0f6cfee6-a6a4-42a0-ac6a-132e1e81a029
- PhishDestroy: https://phishdestroy.io/domain/bitmax999.com/
- LLM endpoint: https://phishdestroy.io/domain/bitmax999.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bitmax999.com/
Last updated: 2026-03-22