# diastruist.icu — SUSPICIOUS

> diastruist.icu (crypto drainer) shows 0/95 VirusTotal detections. NICENIC REGISTERED this Let's Encrypt domain on 2026-03-20. Investigate immediately.

## Summary
PhishDestroy identifies diastruist.icu as an active crypto drainer phishing domain under investigation. This domain exhibits multiple red flags consistent with cryptocurrency-focused credential theft campaigns, including recent registration, low detection rates, and infrastructure alignment with known malicious activity patterns.

This domain was flagged with a risk level of 'under_investigation' and is confirmed active. Technical indicators include a VirusTotal detection ratio of 0/95 (unflagged as of investigation), registration through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolution to IP 188.114.97.3. The domain utilizes a Let's Encrypt SSL certificate and was created on March 20, 2026. Currently, no blocklist entries or trust score data are available for this domain, indicating its novelty in the threat landscape.

Mitigation steps for crypto drainer phishing domains require immediate proactive measures. Users should avoid interacting with this domain or any associated links/IPs. Cryptocurrency holders should verify URLs through official channels and use hardware wallets for transactions. Security teams should block 188.114.97.3 at the network perimeter and flag NICENIC INTERNATIONAL GROUP CO., LIMITED as a suspicious registrar. Report this domain to cryptocurrency platforms and threat intelligence feeds to prevent further exploitation. Seed: a707bb

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-20 19:12:54
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2c921f96-633d-4e8c-b4e2-17dd64bf3024
- PhishDestroy: https://phishdestroy.io/domain/diastruist.icu/
- LLM endpoint: https://phishdestroy.io/domain/diastruist.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/diastruist.icu/
Last updated: 2026-03-23