# evgeniakim.world — SUSPICIOUS

> PhishDestroy identifies evgeniakim.world as a crypto drainer domain active since July 2025. 3/95 vendors flagged this site. Verify on phishdestroy.

## Summary

PhishDestroy identifies the domain evgeniakim.world as an active crypto-draining threat, a type of phishing attack that surreptitiously transfers cryptocurrency from victims’ wallets to attacker-controlled addresses. The site does not prominently impersonate a specific brand; instead it uses generic “investment” or “giveaway” lures to trick visitors into connecting a wallet, after which a drainer script silently siphons tokens. Based on seed 02ffea IOCs, this campaign is currently classified at an elevated risk level and remains live on the public Internet.

Domain forensic analysis reveals several red flags. VirusTotal flags evgeniakim.world at 3 out of 95 security vendors, indicating limited—but growing—detection. The domain is registered through Web Commerce Communications Limited dba WebNic.cc and resolves to IP 188.114.97.3. The certificate is issued by Google Trust Services, which does not inherently indicate legitimacy for crypto-draining sites. Registration occurred on July 16, 2025—exactly three weeks before this report—suggesting a very recent campaign intended to capitalize on summer trading activity.

As of today, evgeniakim.world remains active and is not yet widely blocked; only 3 of 95 vendors flag it. No takedown or sinkholing action has been publicly recorded. Users are advised to block 188.114.97.3 at the network perimeter and avoid visiting evgeniakim.world. Remaining risk is elevated because the domain is fresh, the lure is generic but effective for crypto users, and detection signatures are still propagating. PhishDestroy continues to monitor and will update IOC feeds accordingly.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2025-07-16 09:04:54
- Registrar: Web Commerce Communications Limited dba WebNic.cc
- IP: 188.114.97.3

## Detection Status

- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/evgeniakim.world
- PhishDestroy: https://phishdestroy.io/domain/evgeniakim.world/
- LLM endpoint: https://phishdestroy.io/domain/evgeniakim.world/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/evgeniakim.world/

Last updated: 2026-04-02