# dexlighter.xyz — SUSPICIOUS > dexlighter.xyz is a crypto drainer impersonating DexTool, flagged by 0 of 95 VirusTotal vendors. Block this malicious domain immediately. ## Summary PhishDestroy identifies dexlighter.xyz as an active crypto drainer impersonating the legitimate DexTool platform. The domain is currently under investigation for deploying malicious scripts designed to drain cryptocurrency wallets linked to unsuspecting users who interact with the fraudulent site. The threat is classified as a high-risk crypto drainer due to its targeted impersonation of a well-known DeFi tool, which increases the likelihood of user engagement and subsequent financial loss. dexlighter.xyz is not yet flagged by security vendors but exhibits behavioral indicators consistent with crypto drainer operations, warranting immediate scrutiny and proactive blocking. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it remains undetected by most antivirus engines. The registrar for dexlighter.xyz is Namecheap, Inc., and the domain resolves to an IP address linked to multiple high-risk domains. The domain was created on 2024-05-12 and has been observed in only 1 blocklist, with a low trust score of 38/100. Despite the lack of vendor detections, the combination of its recent creation, low trust score, and association with crypto drainer activity presents a significant risk. Technical indicators include the use of obfuscated JavaScript designed to intercept wallet connections and prompt unauthorized transactions. PhishDestroy assesses dexlighter.xyz as an ACTIVE threat requiring immediate action. Users and organizations should block this domain at the network and endpoint levels to prevent access. Security teams are advised to monitor for connections to this domain and investigate any associated wallet addresses for suspicious transactions. Additionally, users should verify the authenticity of DeFi tools by checking official websites and social media channels before interacting with any platform. Proactive detection and response measures, such as updating firewall rules and deploying endpoint protection, are critical to mitigating the risk posed by this crypto drainer. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/dexlighter.xyz - PhishDestroy: https://phishdestroy.io/domain/dexlighter.xyz/ - LLM endpoint: https://phishdestroy.io/domain/dexlighter.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/dexlighter.xyz/ Last updated: 2026-04-05