# claim.superformportal.icu — SUSPICIOUS > PhishDestroy identifies claim.superformportal.icu as an active crypto drainer. Flagged by 0 of 95 VirusTotal vendors. Check now before you connect. ## Summary PhishDestroy identifies claim.superformportal.icu as an active crypto drainer targeting cryptocurrency users through deceptive web forms and wallet connection prompts. This domain mimics legitimate crypto platform interfaces to trick visitors into connecting wallets or entering seed phrases, resulting in unauthorized crypto asset transfers. Current threat status is active, with evidence of ongoing campaigns observed in the wild. This domain was flagged by 0 of 95 VirusTotal vendors as of seed 882dda, indicating it remains under the radar despite active distribution. The domain resolves to IP address 172.67.135.85 and is registered through PDR Ltd. d/b/a PublicDomainRegistry.com. Registered on March 28, 2026, the domain uses a Let's Encrypt SSL certificate to appear legitimate. Trust scores remain low due to the recent registration and lack of historical reputation data, with no confirmed blocklist presence at this time. Security researchers and users are advised to block access to claim.superformportal.icu immediately and avoid interacting with any associated links or web forms. If you have recently connected a wallet or entered credentials on this domain, revoke all connected permissions and transfer remaining assets to a secure wallet. Monitor transaction histories closely and report any unauthorized transfers to relevant authorities. Use updated ad-blockers, browser security extensions, and DNS filtering services to prevent future exposures. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-28 21:24:53 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.135.85 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/3f93a3a2-ade4-467c-95d8-7d4c059c6573 - PhishDestroy: https://phishdestroy.io/domain/claim.superformportal.icu/ - LLM endpoint: https://phishdestroy.io/domain/claim.superformportal.icu/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/claim.superformportal.icu/ Last updated: 2026-03-29