# catjet.click — SUSPICIOUS > catjet.click identified as crypto drainer scam, flagged by 1 of 95 VirusTotal vendors. Avoid this domain immediately to protect digital assets. ## Summary PhishDestroy identifies catjet.click as an active crypto drainer scam site designed to deceive users into unknowingly transferring cryptocurrency to threat actor-controlled wallets. The domain leverages social engineering tactics, likely through impersonation of legitimate crypto services or promotional offers, to trick victims into connecting their wallets and authorizing fraudulent transactions. Current intelligence confirms this domain remains operational and poses an elevated risk to cryptocurrency users engaging with unsolicited links or advertisements. catjet.click was flagged by 1 of 95 VirusTotal security vendors, indicating limited but notable detection coverage. The domain resolves to IP address 104.21.91.142 and was registered through Sav.com, LLC on April 01, 2026. The domain utilizes a valid SSL certificate issued by Let's Encrypt, a tactic commonly employed to enhance credibility and evade browser-based warnings. Despite this, the site exhibits clear malicious intent, with minimal detection reflecting either its novelty or sophisticated evasion techniques. The low VirusTotal detection rate suggests the threat may be in early propagation phases or employs advanced obfuscation methods to bypass security scans. This domain remains active and should be treated as hostile. Users are strongly advised to avoid accessing catjet.click under any circumstances and to report the domain to their security teams or via threat intelligence platforms such as PhishDestroy. Blocking the domain at the network perimeter and updating firewall rules to deny access to 104.21.91.142 is recommended. Additionally, users should verify the authenticity of any crypto-related websites through official channels and enable wallet-level transaction confirmations to mitigate unauthorized transfers. Enhanced monitoring for related infrastructure, including domains registered through Sav.com, LLC post-April 2026, is advised to prevent further exploitation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-01 08:00:26 - Registrar: Sav.com, LLC - IP: 104.21.91.142 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/174d7256-5136-402b-bb67-975419398843 - PhishDestroy: https://phishdestroy.io/domain/catjet.click/ - LLM endpoint: https://phishdestroy.io/domain/catjet.click/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/catjet.click/ Last updated: 2026-04-01