# connectweb3verse.com — SUSPICIOUS > connectweb3verse.com exposed for Web3 cryptocurrency phishing targeting MetaMask users. Flagged by 0 of 95 VirusTotal vendors. Check the full report. ## Summary PhishDestroy identifies connectweb3verse.com as an active Web3 cryptocurrency phishing domain designed to deceive users into surrendering MetaMask credentials. This domain is currently under investigation and remains operational, posing an immediate threat to cryptocurrency investors and Web3 users. The site mimics legitimate Web3 platforms to harvest private keys and seed phrases, facilitating asset theft. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it has not yet been widely detected by automated security tools. Registered through COSMOTOWN, INC., the domain resolves to IP address 157.90.1.27 and was created on January 18, 2026. It utilizes a Let's Encrypt SSL certificate, which may contribute to a false sense of legitimacy. The domain exhibits no detections on reputable blocklists and maintains high trust scores across threat intelligence platforms, delaying proactive blocking by security solutions. Users are urged to avoid interacting with connectweb3verse.com and verify all Web3-related domains through official channels before entering credentials or cryptocurrency transactions. Security teams should monitor IP 157.90.1.27 and the associated registrar for additional malicious domains. Blocking this domain at the network level is recommended to prevent further victimization. Immediate reporting of any interactions with this domain to relevant cryptocurrency platforms and cybersecurity authorities is advised. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-18 20:19:32 - Registrar: COSMOTOWN, INC. - IP: 157.90.1.27 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/18754210-516f-4b5a-aa25-5300b801ecb2 - PhishDestroy: https://phishdestroy.io/domain/connectweb3verse.com/ - LLM endpoint: https://phishdestroy.io/domain/connectweb3verse.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connectweb3verse.com/ Last updated: 2026-03-22