# bvgbrqqj.top — SUSPICIOUS

> bvgbrqqj.top is a crypto drainer phishing domain impersonating unknown brands. Google Safe Browsing lists it for social engineering.

## Summary

PhishDestroy identifies bvgbrqqj.top as an active crypto-draining phishing domain. The site is currently under investigation for generic phishing tactics with a high risk of cryptocurrency theft via malicious drainer scripts. No specific brand impersonation is confirmed at this stage, but the infrastructure and behavior suggest a drainer kit deployment is imminent or already operational. The domain's recent creation, combined with its SSL certificate issued by Google Trust Services, adds a layer of false legitimacy, increasing the likelihood of successful user deception.

This domain resolves to IP 188.114.96.3 and was registered through NameSilo, LLC on January 08, 2026. VirusTotal analysis shows 0/95 detections, indicating no immediate antivirus or endpoint protection flags. However, the domain is blocked by InversionDNS and appears on 1 security blocklist. Google Safe Browsing categorizes it under SOCIAL_ENGINEERING, confirming malicious intent but not providing further granularity on the specific payload or target.

The current status of bvgbrqqj.top is active, with ongoing risk due to its fresh registration and lack of wide-scale detection. PhishDestroy continues to monitor the domain, and users are advised to avoid interaction until further analysis is complete. Immediate safety actions include verifying any URLs via PhishDestroy’s scanning tools and reporting suspicious activity to mitigate potential cryptocurrency theft. Remaining risk is high due to the domain’s recent registration, low detection rates, and the presence of a valid SSL certificate, which may lull users into a false sense of security.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2026-01-08 12:09:01
- Registrar: NameSilo, LLC
- IP: 188.114.96.3

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hit
  - Lists: ["InversionDNS"]

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/76cfdb22-90f4-4fab-b851-09499edbbe53
- PhishDestroy: https://phishdestroy.io/domain/bvgbrqqj.top/
- LLM endpoint: https://phishdestroy.io/domain/bvgbrqqj.top/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/bvgbrqqj.top/

Last updated: 2026-03-23