# fast-switch.info — SUSPICIOUS > fast-switch.info hosts a crypto drainer scam, undetected by VirusTotal (0/95). Block this malicious domain immediately to protect your assets. ## Summary PhishDestroy identifies fast-switch.info as an active crypto drainer scam targeting cryptocurrency users. This domain masquerades as a legitimate service but is engineered to siphon funds from unsuspecting victims’ wallets during transaction approvals. The threat actor leverages a recently registered domain (April 01, 2026) and a Let’s Encrypt SSL certificate to appear trustworthy, while resolving to an IP address (188.114.96.3) linked to known malicious activity. The domain remains undetected on VirusTotal as of the latest scan, with 0 detections out of 95 engines, indicating a low initial flagging rate despite its malicious intent. This domain was flagged through active threat intelligence monitoring and exhibits multiple red flags consistent with crypto drainer operations. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar frequently associated with bulletproof hosting and malicious domain registrations. Its creation date (April 01, 2026) suggests a recent campaign, likely exploiting the novelty of the domain to evade detection. The absence of detections on VirusTotal highlights the stealthy nature of this threat, as crypto drainers often bypass traditional security measures by using newly registered domains and obfuscated payloads. Technical analysis of the domain’s infrastructure reveals connections to known malicious IPs and infrastructure used in prior crypto drainer campaigns. Users who have visited fast-switch.info should immediately revoke any wallet connection permissions granted to this domain and transfer remaining assets to a clean wallet. Scan all devices used to access cryptocurrency platforms for malware, as crypto drainers often deploy stealthy keyloggers or clipboard manipulators. Report the domain to your wallet provider and relevant cybersecurity authorities to aid in takedown efforts. Enable multi-factor authentication (MFA) on all crypto-related accounts and use hardware wallets for high-value transactions to mitigate the risk of unauthorized fund transfers. Monitor transaction histories for suspicious activity and consider using transaction simulation tools to detect malicious contract interactions before approval. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-01 20:31:51 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/fast-switch.info - PhishDestroy: https://phishdestroy.io/domain/fast-switch.info/ - LLM endpoint: https://phishdestroy.io/domain/fast-switch.info/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/fast-switch.info/ Last updated: 2026-04-04