# boon.rest — SUSPICIOUS

> PhishDestroy identifies boon.rest as a live crypto drainer phishing site with 0/95 VirusTotal detections. Immediate user action is required to avoid asset loss.

## Summary
PhishDestroy identifies boon.rest as an active crypto drainer phishing campaign currently under investigation. This domain was flagged due to its recent registration and low detection coverage, which poses a high risk to cryptocurrency users who may unknowingly interact with it.  boon.rest resolves to IP 104.21.20.70 and was registered through Dynadot, LLC on April 04, 2026. The domain utilizes a Let's Encrypt SSL certificate to appear legitimate. Critically, VirusTotal currently reports 0 detections out of 95 engines, indicating that traditional antivirus and security tools have not yet flagged this threat. The domain's recent creation date and absence of blocklist coverage further suggest this is a newly deployed operation, likely targeting unsuspecting victims to siphon cryptocurrency assets via a crypto drainer.  Users who visited boon.rest should immediately disconnect any connected wallets or devices and revoke any unintended approvals or permissions granted to the domain. If cryptocurrency transactions were attempted or completed, users must report the incident to their wallet provider, monitor for unauthorized transfers, and consider transferring remaining assets to a secure, non-compromised wallet. Exercise extreme caution with any unsolicited links or websites related to cryptocurrency transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-04 10:22:25
- Registrar: Dynadot, LLC
- IP: 104.21.20.70

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/boon.rest
- PhishDestroy: https://phishdestroy.io/domain/boon.rest/
- LLM endpoint: https://phishdestroy.io/domain/boon.rest/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/boon.rest/
Last updated: 2026-04-06