# dashboard-moonwell.xyz — SUSPICIOUS > dashboard-moonwell.xyz acts as a Moonwell brand impersonation credential theft domain flagged by 0 of 95 VirusTotal vendors. Act now. ## Summary PhishDestroy identifies dashboard-moonwell.xyz as an active credential theft domain designed to impersonate the Moonwell DeFi protocol. The domain masquerades as an official dashboard interface, tricking users into entering wallet credentials or private keys. Current threat intelligence confirms the domain is live and operational, requiring immediate attention from affected users and security teams. This fraudulent infrastructure targets cryptocurrency users and poses a significant risk of unauthorized fund access and identity compromise. This domain was flagged by 0 of 95 VirusTotal vendors as of evaluation, indicating it has not yet been widely blacklisted despite active deployment. Registered through Dynadot LLC on March 25, 2026, the domain resolves to IP address 188.114.97.3 and utilizes a Let's Encrypt SSL certificate to enhance perceived legitimacy. Notably, the domain is not currently listed on any major blocklists, maintaining a low detection profile. While trust scores remain unverified due to its recent creation, the lack of detections and active SSL certificate suggests it is still operating in an early phase of deployment. The current combination of low antivirus coverage, fresh registration, and cryptocurrency-related branding creates a high-risk threat vector. Users and organizations are strongly advised to block this domain at the network and DNS levels immediately. If exposure has occurred, instruct users to revoke any entered credentials, disconnect compromised wallets, and monitor for unauthorized transactions. Security teams should inspect DNS logs for connections to 188.114.97.3 and screen endpoints for signs of wallet-related activity. Given the rapidly evolving nature of this threat, continuous monitoring and proactive threat hunting are essential. Report this indicator via internal channels and to threat intelligence platforms to enhance collective defense. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-25 02:03:33 - Registrar: Dynadot LLC - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/dashboard-moonwell.xyz - PhishDestroy: https://phishdestroy.io/domain/dashboard-moonwell.xyz/ - LLM endpoint: https://phishdestroy.io/domain/dashboard-moonwell.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/dashboard-moonwell.xyz/ Last updated: 2026-04-02