# compassx.site — SUSPICIOUS > COMPASSX.SITE is a live crypto drainer impersonating a login portal. VirusTotal shows 0/95 detections. Verify safety on PhishDestroy before entering credentials. ## Summary PhishDestroy identifies COMPASSX.SITE as an active crypto drainer impersonating a generic login portal, designed to steal cryptocurrency assets from unsuspecting users. The threat type is classified as a generic phishing campaign with a focus on credential harvesting and crypto asset exfiltration. No specific brand impersonation has been confirmed at this stage, but the domain mimics legitimate login interfaces to deceive users into entering sensitive credentials or crypto wallet information. The domain is part of an ongoing investigation, with no definitive drainer kit identified yet, though its behavior aligns with known crypto-draining tactics. This domain resolves to IP address 188.114.97.3 and was registered through NAMECHEAP INC on March 23, 2026, indicating it is a recently established threat. VirusTotal currently shows 0 detections out of 95 security vendors, suggesting it has evaded immediate detection by mainstream antivirus and threat intelligence platforms. The domain utilizes a Google Trust Services SSL certificate, which may be leveraged to appear legitimate and bypass browser security warnings. As of the latest intelligence, COMPASSX.SITE has not been flagged or blocklisted by major services, including Google Safe Browsing (GSB). The combination of a newly registered domain, low detection rates, and the use of a trusted SSL certificate highlights a sophisticated and potentially high-risk threat. As of the latest assessment, COMPASSX.SITE remains active and under active investigation by cybersecurity analysts. No definitive remediation actions, such as takedown requests or blocklisting, have been confirmed at this time. The current risk level is marked as 'under_investigation,' reflecting uncertainty in the full scope of its operations and victimology. Users are strongly advised to avoid interacting with this domain and to verify its safety status on PhishDestroy or similar threat intelligence platforms before proceeding. Remaining risk includes the potential for further evasion tactics, such as rapid domain rotation or the adoption of new infrastructure to expand its malicious operations. Immediate vigilance and proactive threat sharing are critical to mitigating the impact of this and similar crypto-draining campaigns. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-23 03:26:47 - Registrar: NAMECHEAP INC - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/db4a362b-95be-4eb2-83e6-bb18d12ca553 - PhishDestroy: https://phishdestroy.io/domain/compassx.site/ - LLM endpoint: https://phishdestroy.io/domain/compassx.site/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/compassx.site/ Last updated: 2026-03-23