# daegwangjeom-nozen.com — SUSPICIOUS

> daegwangjeom-nozen.com is a crypto drainer site with credential theft tactics, flagged by 1 out of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies daegwangjeom-nozen.com as an active crypto drainer domain designed to steal cryptocurrency from unwary users. This site mimics legitimate blockchain services to trick visitors into connecting wallets or entering private keys. Security analysts classify this as a high-risk threat due to its active campaign and use of stolen assets. Anyone who has visited this domain should assume their wallet may be compromised and transfer remaining funds to a secure wallet immediately.  This domain was flagged by Google Safe Browsing for social engineering tactics and carries only a single detection from 95 VirusTotal vendors, suggesting limited but growing exposure. Registered on December 05, 2025 through NETIM and hosted on IP 91.236.116.172, it uses a Let’s Encrypt SSL certificate to appear legitimate. Despite its recent creation, the site has already begun circulating in crypto communities, making it a critical threat for digital asset holders.  If you visited daegwangjeom-nozen.com, disconnect your wallet from any dApps immediately and inspect transaction history for unauthorized transfers. Do not enter private keys or seed phrases anywhere on this site. Report the domain to your browser’s security team and monitor wallet activity closely. Consider revoking any wallet connections via tools like Etherscan or similar block explorers specific to your chain. Stay vigilant and verify URLs before any crypto-related interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-05 12:49:59
- Registrar: NETIM
- IP: 91.236.116.172

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/008adcdd-66ce-4d5e-88e0-a2c3ac82ddd8
- PhishDestroy: https://phishdestroy.io/domain/daegwangjeom-nozen.com/
- LLM endpoint: https://phishdestroy.io/domain/daegwangjeom-nozen.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/daegwangjeom-nozen.com/
Last updated: 2026-03-22