# dydx-v2.org — MALICIOUS

> dydx-v2.org impersonates dYdX exchange and is flagged on multiple blocklists. Avoid interaction and report suspicious sites for your safety.

## Summary
PhishDestroy identifies dydx-v2.org as a high-risk brand impersonation domain targeting the decentralized crypto derivatives platform dYdX. This domain was created on February 21, 2026, and mimics official branding to deceive users.

The domain resolves to IP 104.21.86.130 and was registered through NiceNIC International Group Co., Limited. It appears on three security blocklists and is flagged by 13 out of 95 VirusTotal vendors. Its page title attempts to legitimize the site as a trading platform for perpetuals and margin.

Currently, dydx-v2.org is offline following detection and takedown actions. Users are advised to avoid this domain and report similar suspicious sites to prevent phishing attacks. PhishDestroy continues monitoring related threats under seed 721f82.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Target brand: dYdX
- Page title: DYDX - Decentralized Crypto Derivatives Exchange | Trade Perpetuals & Margin

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.86.130
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["arnold.ns.cloudflare.com", "destiny.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Seclookup", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198a8ad-1e9f-70bc-bc94-8f1d9f37aac7.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/971b96c6-890f-415b-a689-45215cf80a19
- PhishDestroy: https://phishdestroy.io/domain/dydx-v2.org/
- LLM endpoint: https://phishdestroy.io/domain/dydx-v2.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dydx-v2.org/
Last updated: 2026-03-19