# bitneva.com — SUSPICIOUS

> bitneva.com operates as a crypto drainer scam impersonating brands, with 0/95 VirusTotal detections. Immediate action required to block domain and inspect.

## Summary
PhishDestroy identifies bitneva.com as an active crypto drainer scam with credential theft capabilities. This domain was flagged via seed c349f8 and is currently resolving to IP 188.114.96.3. The site leverages brand impersonation to deceive users into connecting crypto wallets, enabling unauthorized fund transfers. Analysis shows the domain was registered on April 06, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and secured with a Let's Encrypt SSL certificate. Despite zero detections on VirusTotal (0/95), the absence of historical trust and the recent registration date strongly indicate malicious intent. No blocklist entries were detected during initial scans, but the threat profile remains under investigation due to evolving tactics.  bitneva.com exhibits multiple red flags consistent with crypto drainer operations. The domain’s IP (188.114.96.3) hosts similar fraudulent infrastructure, and the registrar’s anonymity-friendly policies further obscure attribution. The SSL certificate, while valid, is a common tactic to lend false legitimacy to phishing sites. The domain’s creation date (April 06, 2026) aligns with a surge in crypto-related scams targeting unsuspecting investors. VirusTotal’s lack of detections suggests either evasion techniques or delayed reporting by security vendors. These indicators, combined with the absence of a legitimate online footprint, elevate the risk to critical levels for users interacting with this domain.  Mitigation for this crypto drainer threat requires immediate and targeted actions. Users should block bitneva.com at the network level and avoid any interaction with the domain or its associated IP. For crypto investors, verify all wallet connection requests via independent channels and use hardware wallets for added security. Organizations should update firewall rules to block 188.114.96.3 and monitor outbound traffic for connections to this IP. Report the domain to threat intelligence platforms and blocklists to prevent further victimization. Given the evolving nature of crypto drainers, continuous monitoring of this domain’s infrastructure is advised to preempt new attack vectors.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-06 10:06:01
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/bitneva.com
- PhishDestroy: https://phishdestroy.io/domain/bitneva.com/
- LLM endpoint: https://phishdestroy.io/domain/bitneva.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bitneva.com/
Last updated: 2026-04-08