# dfuidxwg.top — SUSPICIOUS

> Watch out: dfuidxwg.top is a crypto drainer detected with 0/95 VirusTotal flags since creation on Dec 2, 2025. Verify this domain on PhishDestroy immediately.

## Summary
PhishDestroy identifies dfuidxwg.top as a live crypto-draining site actively masquerading as a legitimate service. This domain—registered just days ago on December 2, 2025—has yet to be flagged by any of the 95 VirusTotal engines scanning it, showing zero detections at this time. The page resolves to 103.45.66.91 via a recently issued Let’s Encrypt certificate, suggesting a fast-turnover attack infrastructure operated through Gname.com Pte. Ltd.  Technical indicators point to a generic phishing kit repurposed for cryptocurrency theft rather than credential harvesting. The absence of detections (0/95) is expected for a newly registered domain, but the combination of a fresh SSL certificate, hosting IP geolocation, and the registrant’s anonymization service (Gname) mirrors patterns seen in high-velocity crypto drainers. Because these kits often include obfuscated JavaScript wallets and clipboard hijackers, even a brief visit can trigger unauthorized outbound transactions if the victim’s wallet is connected.  If you visited dfuidxwg.top or entered any wallet details, disconnect your device from the internet immediately. Open your wallet software in a clean environment, revoke any suspicious approvals, and transfer remaining assets to a new address. Use PhishDestroy’s live check to confirm the domain’s status and report the incident with the unique seed 4378df so our SOC can accelerate takedown and block the IP at firewall level.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-02 06:13:38
- Registrar: Gname.com Pte. Ltd.
- IP: 103.45.66.91

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/dfuidxwg.top
- PhishDestroy: https://phishdestroy.io/domain/dfuidxwg.top/
- LLM endpoint: https://phishdestroy.io/domain/dfuidxwg.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dfuidxwg.top/
Last updated: 2026-04-06