# dailytradestx.com — SUSPICIOUS

> PhishDestroy identifies dailytradestx.com as a malvertising scam distributing fake trading software, posing as ‘Daily Trade TX.

## Summary
PhishDestroy confirms dailytradestx.com is an actively running malvertising scam that masquerades as legitimate trading software under the ‘Daily Trade TX’ brand. This domain leverages social-engineering lures via malicious ads or sponsored search results to trick users into downloading counterfeit trading applications that harvest credentials and cryptocurrency. Evidence shows attackers registered the domain through OwnRegistrar, Inc., configured it to resolve to 199.142.45.218, and armed it with a Let’s Encrypt SSL certificate to enhance its appearance of legitimacy. Behavior observed from this domain aligns with drainer-kit tactics commonly used by financially motivated actors targeting retail investors and cryptocurrency users. The campaign is designed to siphon funds under the guise of ‘zero-commission trading’ or ‘bonus deposits,’ exploiting urgency and trust in familiar financial terminology.  This domain was flagged by 2 of 95 VirusTotal security vendors within the first 24 hours of detection. It was registered on March 31, 2026, via OwnRegistrar, Inc. and resolves to IP 199.142.45.218. Google Safe Browsing currently does not list this domain, and independent threat intelligence feeds show no prior association, indicating a fresh deployment. While registration and infrastructure are provisional, the low VT detection rate and absence from major blocklists suggest a window of opportunity for propagation before broader defenses converge. The domain’s recent creation and minimal blocklist footprint indicate it is likely still in the initial campaign phase, with active redirection paths to payloads hosted on IP ranges associated with fleeceware and infostealer families.  PhishDestroy assesses the risk level as elevated due to the active malvertising infrastructure and minimal current detection coverage. This domain remains online and responsive, delivering JavaScript-based fingerprinting and redirection logic to traffic sources identified in malvertising chains. Immediate mitigation includes network-level and host-based blocking of dailytradestx.com and 199.142.45.218. Users should avoid clicking any sponsored ads or search results referencing ‘Daily Trade TX’ and report any related fraudulent transactions to their financial institutions. Current defensive posture relies on early detection; therefore, timely dissemination of this IOC set is critical to curtail further victimization. The threat landscape remains dynamic, with potential for rapid expansion via additional domains or IP relocations, underscoring the need for continuous monitoring and proactive threat intelligence sharing.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-31 09:23:10
- Registrar: OwnRegistrar, Inc.
- IP: 192.142.45.218

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/dailytradestx.com
- PhishDestroy: https://phishdestroy.io/domain/dailytradestx.com/
- LLM endpoint: https://phishdestroy.io/domain/dailytradestx.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dailytradestx.com/
Last updated: 2026-04-08