# com-trezr-brdge.pages.dev — SUSPICIOUS > com-trezr-brdge.pages.dev hosts a destructive crypto-draining scam. VirusTotal confirms 0/95 detections. Block immediately to protect wallets. ## Summary com-trezr-brdge.pages.dev has been identified as an active crypto-draining scam leveraging brand impersonation and malicious drainer kit deployment. The domain masquerades as a legitimate Trezor bridge service, exploiting user trust to siphon cryptocurrency assets directly from connected wallets via injected drainer scripts. Technical telemetry indicates the implementation of a sophisticated crypto-draining framework designed to exfiltrate private keys and transaction approvals without user awareness. The infrastructure is engineered to harvest seed phrases, wallet balances, and transaction signing capabilities, posing a severe threat to both individual and institutional cryptocurrency holdings. The domain resolves to IP 188.114.96.3 and is registered through Cloudflare, Inc. A Google Trust Services SSL certificate has been issued, providing deceptive legitimacy. VirusTotal analysis shows 0/95 detections as of the latest scan, indicating undetected malicious activity. This domain was registered recently and remains unlisted on major blocklists such as Google Safe Browsing, allowing continued operation. Current forensic indicators suggest minimal detection coverage despite confirmed hostile intent, elevating the risk profile to critical levels for cryptocurrency users interacting with bridge-related services. The domain remains active and under active investigation by multiple threat intelligence teams due to its use of a live crypto-draining payload targeting Trezor users. Immediate blocking at the network and endpoint level is recommended, including enterprise DNS filtering and browser-based blocklists. Users are advised to avoid interacting with any domain referencing 'trezor bridge' or similar impersonations and to verify all web3 service URLs via official Trezor channels. While current detection remains low, the active exploitation and drainer functionality elevate the risk to severe, requiring urgent defensive action to prevent asset loss. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/27b28e79-10d1-450f-a5db-ee7491c83f91 - PhishDestroy: https://phishdestroy.io/domain/com-trezr-brdge.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/com-trezr-brdge.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/com-trezr-brdge.pages.dev/ Last updated: 2026-04-12