# distribution-jito.network — SUSPICIOUS

> PhishDestroy identifies distribution-jito.network impersonating Jito as a crypto drainer. VirusTotal shows 0/95 detections.

## Summary
PhishDestroy identifies the domain distribution-jito.network as an active crypto drainer engaged in brand impersonation targeting Jito, a prominent Solana liquid staking protocol. This site is designed to trick users into connecting wallets or signing transactions that drain cryptocurrency assets. The infrastructure suggests operational sophistication, with evidence pointing to the deployment of on-chain drainer kits commonly used in Web3 attacks to siphon tokens from connected wallets. The domain mimics official Jito branding to exploit user trust and facilitate unauthorized fund transfers.  

This domain was flagged with multiple red flags: it resolves to IP 104.21.54.79, was registered via NICENIC INTERNATIONAL GROUP CO., LIMITED on April 01, 2026, and holds a valid Let’s Encrypt SSL certificate. VirusTotal analysis returned 0/95 detections at time of assessment, indicating it has evaded mainstream detection systems temporarily. It appears on at least two security blocklists and is already blocked by MetaMask and SEAL. These technical indicators confirm active malicious hosting with low detection coverage.  

As of now, distribution-jito.network remains active and unblocked by major browsers, despite containment efforts by security vendors and browser extensions. PhishDestroy classifies this threat as under investigation due to the low VT detection rate and the use of obfuscated infrastructure. Users are strongly advised to avoid visiting this domain, not connect any wallets, and report any interactions. The risk remains elevated due to delayed detection and active evasion tactics. Security teams should prioritize domain takedown and network-level blocking to prevent further exploitation while monitoring for new variants. Remain cautious of similar impersonation domains leveraging high-profile DeFi brands.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Jito

## Domain Intelligence
- Registered: 2026-04-01 16:22:39
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.54.79

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["SEAL", "MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/distribution-jito.network
- PhishDestroy: https://phishdestroy.io/domain/distribution-jito.network/
- LLM endpoint: https://phishdestroy.io/domain/distribution-jito.network/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/distribution-jito.network/
Last updated: 2026-04-04