# bluewallets.app — SUSPICIOUS > bluewallets.app is a confirmed crypto-drainer scam flagged by 3 blocklists. Avoid this Let's Encrypt site registered Feb 2026. Check the full report. ## Summary PhishDestroy identifies bluewallets.app as an active crypto-draining phishing site designed to steal cryptocurrency from unsuspecting users. This fraudulent domain mimics legitimate wallet services to trick victims into connecting their wallets and authorizing malicious transactions. Once connected, the site drains funds by tricking users into signing malicious transactions that transfer cryptocurrency to attacker-controlled wallets without their knowledge. This domain was flagged by 3 security blocklists and remains undetected by VirusTotal with 0/95 detections as of the latest scan. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on February 02, 2026, and uses a Let's Encrypt SSL certificate to appear legitimate. The domain resolves to IP address 216.198.79.1 and has already been blocked by multiple security platforms including Polkadot, Codeesura, and Enkrypt. If you visited bluewallets.app, immediately disconnect your wallet from the site and revoke any permissions you may have granted. Check your wallet transaction history for any unauthorized transfers and report suspicious activity to your wallet provider. Consider using a hardware wallet for added security and never enter your seed phrase or private keys on any website. Use trusted wallet applications and verify URLs carefully to avoid similar scams. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-02 12:13:56 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 216.198.79.1 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 3 hits Lists: ["Polkadot", "Codeesura", "Enkrypt"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/bluewallets.app - PhishDestroy: https://phishdestroy.io/domain/bluewallets.app/ - LLM endpoint: https://phishdestroy.io/domain/bluewallets.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bluewallets.app/ Last updated: 2026-04-06