# etherealrewardpad.xyz — MALICIOUS > etherealrewardpad.xyz is a crypto drainer site flagged by 5/95 VirusTotal engines. Avoid it—verify safety on PhishDestroy. ## Summary PhishDestroy identifies etherealrewardpad.xyz as an active crypto drainer posing as a reward platform. The domain lures victims with false incentives before deploying malicious JavaScript to steal cryptocurrency from connected wallets. While no specific brand is directly impersonated, the site mimics promotional reward schemes common in crypto communities, leveraging urgency and perceived legitimacy to trick users into connecting their wallets. This domain exhibits multiple red flags across technical and behavioral indicators. VirusTotal reports a 5/95 detection ratio with 2 security vendors blocking access. Registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on October 20, 2025, the site resolves to IP 104.21.23.109 and holds a valid SSL certificate from Google Trust Services. It has been flagged by MetaMask and SEAL, and appears on two known blocklists. The recent creation date and active blocking by wallet security tools underscore its malicious intent within days of going live. As of this assessment, etherealrewardpad.xyz remains active and poses an elevated risk to users interacting with it. The domain’s use of HTTPS and timely domain registration are tactics designed to bypass initial scrutiny. Immediate avoidance is strongly advised. Users are urged to verify any unknown reward-related sites using PhishDestroy before engaging. Remaining risk is high due to the site’s aggressive propagation and recent deployment, requiring continued monitoring and user vigilance. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-10-20 13:41:09 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 104.21.23.109 ## Detection Status - VirusTotal: 5 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["MetaMask", "SEAL"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/dc9c71fa-8de9-418c-a137-b36c105fca82 - PhishDestroy: https://phishdestroy.io/domain/etherealrewardpad.xyz/ - LLM endpoint: https://phishdestroy.io/domain/etherealrewardpad.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/etherealrewardpad.xyz/ Last updated: 2026-03-27