# blox-link.com — MALICIOUS

> PhishDestroy identifies blox-link.com as an active crypto drainer phishing domain, flagged by 8/95 VirusTotal security vendors.

## Summary
PhishDestroy identifies blox-link.com as an active crypto drainer phishing domain posing as a legitimate blockchain service. This domain leverages deceptive branding to trick users into connecting cryptocurrency wallets and authorizing fraudulent token transfers. The elevated risk level reflects its confirmed malicious infrastructure and ongoing abuse in the wild. Users interacting with this domain risk unauthorized fund drains and credential theft, making it a critical threat to crypto asset security.  

This domain was flagged by 8 of 95 VirusTotal security vendors and is blocked by the OISD blocklist, indicating widespread detection of its malicious intent. It resolves to IP 91.240.21.8 and operates under a Let’s Encrypt SSL certificate to appear legitimate. Registered on November 29, 2025 through NICENIC INTERNATIONAL GROUP CO., LIMITED, blox-link.com is a recently established domain with minimal reputation, compounding its risk profile. The combination of recent registration, poor detection rates, and association with known malicious IP infrastructure highlights its role in active crypto drainer campaigns.  

Users must avoid interacting with blox-link.com and verify the authenticity of any blockchain service before connecting wallets or entering credentials. Block the domain and IP at the network perimeter, scan connected devices for unauthorized wallet extensions or malware, and report the domain to security teams and blocklist maintainers. Always use hardware wallets and official application sources to prevent unauthorized fund transfers.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-29 18:52:44
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 91.240.21.8

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a7a2aa01-2334-47ef-935b-83255371f6d7
- PhishDestroy: https://phishdestroy.io/domain/blox-link.com/
- LLM endpoint: https://phishdestroy.io/domain/blox-link.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/blox-link.com/
Last updated: 2026-03-23