# claims-tectum.org — SUSPICIOUS > Beware! claims-tectum.org hosts a crypto drainer—a malware strain siphoning funds from wallets. 95 VirusTotal vendors missed this threat; verify on. ## Summary PhishDestroy identifies claims-tectum.org as an active crypto drainer scam under investigation, currently resolving to malicious infrastructure. The domain claims-tectum.org has been flagged as a crypto drainer—malware designed to silently empty cryptocurrency wallets—while actively serving malicious payloads. VirusTotal records 0 detections out of 95 vendors, indicating a zero-detect window exploited by threat actors. This domain was registered through Cloudflare, Inc., resolved to IP 172.67.179.156, and launched on December 03, 2025. It is currently blocked by Codeesura, Polkadot, MetaMask, ScamSniffer, SEAL, and is listed on six public security blocklists. The SSL certificate, issued by Google Trust Services, adds a veneer of legitimacy to deceive users. This domain presents an immediate risk to cryptocurrency users due to its dedicated crypto drainer functionality. The absence of detection by VirusTotal vendors highlights the sophistication of the threat and the need for real-time crowd-sourced intelligence. With six blocklists active and multiple wallet-security platforms already blocking access, this domain is rapidly escalating in infamy within threat intelligence communities. Users are advised to avoid interacting with claims-tectum.org and verify any suspicious domain using PhishDestroy’s real-time threat lookup. Enable wallet protections, use hardware wallets, and cross-check URLs against reputable blocklists before entering credentials or initiating transactions. Immediate blocking at network and browser levels is recommended to prevent accidental exposure to this active crypto drainer. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-12-03 14:17:04 - Registrar: Cloudflare, Inc. - IP: 172.67.179.156 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 6 hits Lists: ["Codeesura", "Polkadot", "MetaMask", "ScamSniffer", "SEAL", "Enkrypt"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/claims-tectum.org - PhishDestroy: https://phishdestroy.io/domain/claims-tectum.org/ - LLM endpoint: https://phishdestroy.io/domain/claims-tectum.org/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/claims-tectum.org/ Last updated: 2026-04-07