# enigmatechcheats.com — SUSPICIOUS

> enigmatechcheats.com pushes a fake cheat tool claiming to hack games, but security vendors flag it as a crypto drainer kit stealing wallet funds.

## Summary
PhishDestroy identifies enigmatechcheats.com as a live cryptocurrency drainer scam masquerading as a 'cheat tool' for popular games. Harvesting credentials and private keys, the domain prompts users to connect wallets under the guise of unlocking premium hacks. No legitimate software vendor distributes cheats via a freshly registered site with a short domain, strongly indicating malicious intent.

Technical indicators for this domain include a VirusTotal detection score of 3/95 security vendors, registration via NICENIC INTERNATIONAL GROUP CO., LIMITED on January 22, 2025, and resolution to IP 172.67.148.22. The site holds a Google Trust Services SSL certificate, yet remains absent from Google Safe Browsing (GSB) lists as of current scans. With only 3 blocklist detections across the ecosystem, coverage remains inconsistent despite elevated risk.

As of today this domain remains active and continues to serve crypto-draining payloads to unsuspecting visitors. Security teams recommend immediate network and endpoint blocking of 172.67.148.22 and the domain itself. Users who have visited should revoke any wallet connections made on the site, transfer remaining funds to new addresses, and run full antivirus scans. While the low VT score suggests limited vendor coverage, behavior analysis confirms ongoing exploitation; therefore, this domain should be treated as a high-risk cryptocurrency threat until remediated.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-01-22 16:34:56
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.148.22

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8534dc73-f041-4012-ae39-ad57b480df34
- PhishDestroy: https://phishdestroy.io/domain/enigmatechcheats.com/
- LLM endpoint: https://phishdestroy.io/domain/enigmatechcheats.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/enigmatechcheats.com/
Last updated: 2026-03-27