# crabfun.trade — SUSPICIOUS > Beware crabfun.trade: a crypto drainer impersonating popular exchanges. Flagged by 0/95 VirusTotal vendors—verify on PhishDestroy before interaction. ## Summary PhishDestroy identifies crabfun.trade as an active crypto drainer domain currently under investigation. This domain is being tracked for its malicious intent to deceive users into connecting crypto wallets, with the goal of siphoning funds under false pretenses. The threat remains active as of today, with no detections on VirusTotal but escalating risk potential due to its cryptocurrency-focused lure. This domain was flagged by 0 of 95 VirusTotal vendors, indicating a currently undetected threat. Registered through Global Domain Group LLC, crabfun.trade resolves to IP 188.114.97.3 and was created on March 31, 2026. The domain utilizes a Let's Encrypt SSL certificate, adding a veneer of legitimacy, but its recent creation and zero detections suggest a rapidly evolving threat. No blocklist entries or trust score data are currently available for this domain, heightening its stealth profile. Given the domain's active status and cryptocurrency drainer functionality, users and organizations should treat crabfun.trade as hostile. Immediate actions include blocking the domain and IP at network and endpoint levels, conducting user awareness training on crypto drainer tactics, and verifying any unsolicited links through PhishDestroy's platform. Continuous monitoring is advised due to the low initial detection rate and high-risk potential associated with cryptocurrency theft. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-31 05:54:34 - Registrar: Global Domain Group LLC - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/crabfun.trade - PhishDestroy: https://phishdestroy.io/domain/crabfun.trade/ - LLM endpoint: https://phishdestroy.io/domain/crabfun.trade/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/crabfun.trade/ Last updated: 2026-04-04