# defi-goldfishgold.com — SUSPICIOUS > PhishDestroy identifies defi-goldfishgold.com as an active crypto drainer site with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies defi-goldfishgold.com as an active crypto drainer domain currently under investigation. This fraudulent site mimics legitimate decentralized finance (DeFi) platforms to trick users into connecting cryptocurrency wallets, enabling silent fund extraction via malicious smart contract interactions. While no specific drainer kit has been publicly disclosed, the domain's infrastructure and registration patterns align with known crypto-scamming operations targeting unsuspecting investors. The domain resolves to IP address 188.114.96.3 and was registered on March 13, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED. As of the latest scan, defi-goldfishgold.com has 0 detections out of 95 on VirusTotal and holds a valid SSL certificate issued by Let's Encrypt. The domain remains unblocked by Google Safe Browsing (GSB) and has not been flagged by major threat intelligence platforms, indicating a low detection rate despite its malicious intent. The seed identifier 0006e6 is associated with this campaign, suggesting it may be part of a larger, evolving operation. As of today, defi-goldfishgold.com remains active and poses a high-risk threat to cryptocurrency users. PhishDestroy continues to monitor this domain and has flagged it for further investigation. Users are strongly advised to avoid interacting with this domain or any associated links. To stay protected, always verify URLs, use hardware wallets for transactions, and enable multi-factor authentication on all crypto-related accounts. Report any suspicious activity immediately to relevant authorities or threat intelligence platforms. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-13 22:58:06 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f8fbd790-cbbd-484f-9a21-b661bf5f7f68 - PhishDestroy: https://phishdestroy.io/domain/defi-goldfishgold.com/ - LLM endpoint: https://phishdestroy.io/domain/defi-goldfishgold.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/defi-goldfishgold.com/ Last updated: 2026-03-23