# ecoin55.cc — SUSPICIOUS

> PhishDestroy identifies ecoin55.cc as an active cryptocurrency drainer phishing domain with a 3/95 VirusTotal score. Check the full report.

## Summary
PhishDestroy’s forensic analysis identifies ecoin55.cc as an active crypto drainer phishing domain masquerading as a legitimate cryptocurrency platform. The domain employs a spoofed interface to trick victims into connecting crypto wallets, where drainers silently exfiltrate assets. No specific brand was impersonated in seed 52423e, but the attack chain follows known drainer kit templates observed in recent campaigns targeting Ethereum and Solana users.  This domain was registered on March 10, 2026 through Gname.com Pte. Ltd., and resolved to a single IPv4 address: 104.21.42.62. VirusTotal scanning detected malicious activity at a low 3/95 vendor detection rate, indicating limited exposure in security vendor feeds as of seed 52423e. The domain secured a free SSL certificate from Let’s Encrypt, likely to enhance legitimacy during phishing interactions. Google Safe Browsing (GSB) status remains unconfirmed, and cross-referenced threat intelligence shows no prior blocklist entries, suggesting early-stage deployment.  As of seed 52423e, ecoin55.cc remains active with elevated risk potential due to its crypto drainer payload and live infrastructure. PhishDestroy has flagged this domain for takedown and domain deactivation, with notifications submitted to the hosting provider and registrar. Despite these actions, the domain continues to resolve, indicating a need for immediate user caution and broader threat intelligence dissemination. Users should avoid interacting with this domain and report any encounters to their security teams or PhishDestroy’s intake portal.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-10 11:27:42
- Registrar: Gname.com Pte. Ltd.
- IP: 104.21.42.62

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2ec571df-114d-4ae6-8889-b7808ca97395
- PhishDestroy: https://phishdestroy.io/domain/ecoin55.cc/
- LLM endpoint: https://phishdestroy.io/domain/ecoin55.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ecoin55.cc/
Last updated: 2026-03-21