# brigetrezorr.wixstudio.com — MALICIOUS > PhishDestroy identifies brigetrezorr.wixstudio.com as an active Trezor brand impersonation site. 18/95 VirusTotal vendors flag this crypto drainer. ## Summary PhishDestroy identifies brigetrezorr.wixstudio.com as an active Trezor brand impersonation domain hosting a crypto drainer kit. The page mimics Trezor’s official interface to trick users into connecting wallets and signing malicious transactions that drain cryptocurrency assets. No publicly documented drainer kit fingerprint was found, but behavioral analysis indicates on-chain transaction signing prompts typical of the AngelDrainer and VenomDrainer families. The site leverages WixStudio’s subdomain hosting to obfuscate infrastructure and evade takedowns. This domain was flagged by 18 of 95 VirusTotal security vendors. It resolves to IP 34.144.206.118 and uses a Let’s Encrypt SSL certificate. It was registered on an unknown date via an unlisted registrar and is not blocked by Google Safe Browsing. Current VirusTotal detections show 18/95 flags, and PhishDestroy blocklists contain one entry. WHOIS data is redacted, indicating privacy protection. The domain’s age and hosting provider suggest opportunistic impersonation rather than long-term infrastructure. The campaign is currently active and propagating through social media and messaging platforms under the guise of “Trezor security updates” or “wallet recovery tools.” Immediate blocking of the domain and IP is recommended, along with user advisories to verify URLs via Trezor’s official site. The risk remains elevated due to the use of legitimate hosting and SSL certificates, which increases user trust. Until takedown occurs, the threat will continue to target cryptocurrency users seeking wallet support or firmware assistance. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Trezor ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 18 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a176ef89-70ea-40d8-a2b2-5acae1cad9cb - PhishDestroy: https://phishdestroy.io/domain/brigetrezorr.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/brigetrezorr.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/brigetrezorr.wixstudio.com/ Last updated: 2026-03-23