# bomeow-solana.pages.dev — MALICIOUS — Crypto Drainer (Solana Drainer)

> bomeow-solana.pages.dev is a live Solana drainer site: it drains crypto wallets using the Solana drainer kit and has zero VirusTotal detections as of today.

## Summary

bomeow-solana.pages.dev is a confirmed Solana cryptocurrency drainer site running the open-source Solana Drainer kit. Once a victim connects a wallet through the embedded “Connect Wallet” prompt or clicks any transaction approval button, the drainer silently requests token approvals and then siphons every token and NFT to wallets controlled by the attacker. At the time of writing this assessment, the site had 0 detections out of 95 engines on VirusTotal and remains undetected by most antivirus scanners, making it especially dangerous for users who rely on automated blocking tools. The domain is currently served from IP 172.66.44.194 behind Cloudflare and uses a Google Trust Services SSL certificate, which helps it blend in with legitimate services and evade network-level filters.

PhishDestroy identifies bomeow-solana.pages.dev as a high-risk crypto drainer because it implements the Solana Drainer exploit kit. This kit automates the theft of tokens and NFTs by abusing the approve and transfer functions in Solana wallet extensions such as Phantom, Solflare, and Backpack. When a user clicks “Connect Wallet,” the drainer obtains a read-only connection and then prompts a series of malicious transaction requests; once authorized, these payloads drain the wallet without further prompts. The site’s low detection count (0/95 on VirusTotal) indicates it is still new or using evasion tactics that bypass traditional signature-based scanners. Because Cloudflare proxies traffic, network firewalls cannot reliably block the domain by IP, and the Google-issued SSL certificate gives a false sense of legitimacy.

If you or someone you know visited bomeow-solana.pages.dev, take these steps immediately. Disconnect the device from the internet to prevent any further malicious scripts from executing. In your Solana wallet extension, revoke any suspicious token approvals by using the official revoke websites (e.g., revoke.money or solflare.com/revoke) and check the transaction history for unauthorized transfers. Then, clear your browser cache and cookies for the site and consider running a malware scan with a reputable security tool. If you connected your wallet and authorized any transactions, open a support ticket with your wallet provider and report the incident to the platform you used to discover the link (e.g., Twitter, Discord). Finally, change all sensitive passwords and enable two-factor authentication on all accounts. Forward the domain to PhishDestroy or a similar threat-intel platform so others can be warned.

## Threat Details

- Verdict: MALICIOUS — Crypto Drainer (Solana Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Solana Drainer

## Domain Intelligence

- Registrar: Cloudflare, Inc.
- IP: 172.66.44.194

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/a486ef8a-fc07-4ccf-97fd-65f020b9f881
- PhishDestroy: https://phishdestroy.io/domain/bomeow-solana.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/bomeow-solana.pages.dev/llm.txt

## If You Visited This Site

1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/bomeow-solana.pages.dev/

Last updated: 2026-03-24