# carbonwallet.ru — SUSPICIOUS

> carbonwallet.ru operates as a crypto drainer with 0/95 VirusTotal detections. This domain poses a direct threat to cryptocurrency users. Take immediate action.

## Summary
PhishDestroy identifies carbonwallet.ru as an active crypto drainer designed to steal cryptocurrency assets from unsuspecting users. This domain mimics legitimate cryptocurrency wallet services to trick victims into connecting their wallets or entering private keys, enabling attackers to drain funds directly. The site leverages social engineering tactics, often distributed via fake wallet updates, phishing emails, or fraudulent advertisements, to lure users into interacting with malicious smart contracts or transaction requests. Once a user authorizes a transaction or inputs credentials, the drainer exploits blockchain permissions to siphon funds without further interaction. Technical analysis confirms this domain is engineered to target Ethereum, Binance Smart Chain, and other EVM-compatible networks, making it a high-risk threat to crypto investors.  This domain was flagged as a crypto drainer with 0 detections out of 95 VirusTotal engines as of the latest scan. The domain carbonwallet.ru was registered on March 04, 2018, and resolves to IP address 188.114.96.3. It was registered through REGRU-RU, a Russian registrar known for hosting both legitimate and malicious domains. The SSL certificate is issued by Google Trust Services, which may lend unintended credibility to the site. Despite its age, the domain remains active and has not been widely blacklisted, increasing the risk of exposure to users who may assume its legitimacy due to the SSL certificate and domain maturity.  If you have visited carbonwallet.ru or interacted with it, immediately revoke any wallet permissions granted to the site using tools like revoke.cash or Etherscan’s token approval tracker. Disconnect the site from your wallet and transfer remaining funds to a new, secure wallet with a clean address. Use a hardware wallet for future transactions to add an extra layer of security. Report the domain to your antivirus provider and consider notifying relevant blockchain security platforms such as Etherscan or Chainalysis. Always verify wallet URLs through official channels and avoid clicking on unsolicited links or ads promoting cryptocurrency services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2018-03-04 09:57:24
- Registrar: REGRU-RU
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cf5ebd84-3afa-4108-9023-957675256798
- PhishDestroy: https://phishdestroy.io/domain/carbonwallet.ru/
- LLM endpoint: https://phishdestroy.io/domain/carbonwallet.ru/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/carbonwallet.ru/
Last updated: 2026-03-26