# eigenlayer-wb-demo.pages.dev — SUSPICIOUS

> eigenlayer-wb-demo.pages.dev is a cryptocurrency wallet drainer impersonating EigenLayer with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies eigenlayer-wb-demo.pages.dev as an active cryptocurrency wallet drainer site impersonating the legitimate EigenLayer brand. This domain employs deceptive branding to trick users into connecting their cryptocurrency wallets, specifically targeting those familiar with EigenLayer's services. The site represents a direct financial threat, as wallet drainers are designed to steal funds by tricking users into signing malicious transactions or revealing private keys.  eigenlayer-wb-demo.pages.dev resolves to IP address 172.66.47.177 and was registered through Cloudflare, Inc. The domain currently shows 0 detections out of 95 VirusTotal scans, indicating it has not yet been flagged by most security vendors. The site uses a Google Trust Services SSL certificate to appear legitimate, and its Cloudflare registration obscures the true ownership details. As of this assessment, no specific drainer kit has been identified beyond the domain's wallet-connecting functionality.  This domain remains active and poses an immediate risk to cryptocurrency users. Security researchers recommend blocking the domain at the network level and reporting it to Cloudflare and relevant cybersecurity authorities. While the current VirusTotal detection rate is low, the site's active status and impersonation tactic demand urgent attention. Users should treat this domain as high-risk and avoid any interaction with it.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: EigenLayer

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.177

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/eigenlayer-wb-demo.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/eigenlayer-wb-demo.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eigenlayer-wb-demo.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eigenlayer-wb-demo.pages.dev/
Last updated: 2026-04-10