# connect-started-io.wixstudio.com — SUSPICIOUS > connect-started-io.wixstudio.com actively hosts a crypto drainer falsely mimicking a crypto service. Only 0/95 VirusTotal engines detect it. Block and avoid. ## Summary PhishDestroy identifies connect-started-io.wixstudio.com as an active crypto drainer impersonating legitimate cryptocurrency services. This site is designed to trick users into connecting their wallets under the guise of a routine transaction or service interaction, only to silently drain assets. The domain resolves to 34.144.206.118 and currently operates under a Let’s Encrypt SSL certificate, giving it a deceptive layer of legitimacy. Despite its recent appearance, this domain has flown under the radar with zero detections across 95 VirusTotal engines, enabling it to remain operational undetected. Technical indicators confirm this domain is part of a broader campaign targeting crypto users. The infrastructure is hosted on a Google Cloud IP (34.144.206.118), which is often abused due to its high reputation and low initial blocking rates. The domain is served through Wix’s studio hosting platform, which can be exploited by threat actors to rapidly deploy fraudulent pages that appear professional. Given the absence of detections and the use of a reputable hosting provider, the risk of exposure remains elevated until proactive blocking measures are implemented. Users who have visited this domain should immediately disconnect any connected cryptocurrency wallets and revoke any permissions granted to unknown or suspicious domains. Perform a full wallet audit and consider transferring remaining assets to a secure, offline wallet. Report the domain to your security team and blocklist it at the network and endpoint levels. Monitor for unusual transaction activity and enable transaction alerts to detect any unauthorized transfers promptly. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/connect-started-io.wixstudio.com - PhishDestroy: https://phishdestroy.io/domain/connect-started-io.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/connect-started-io.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connect-started-io.wixstudio.com/ Last updated: 2026-04-06