# fercuann.icu — SUSPICIOUS

> fercuann.icu is a brand-new crypto drainer site with 0/95 VirusTotal detections. Avoid clicking any links or inputting wallet data to prevent theft.

## Summary
PhishDestroy identifies fercuann.icu as an active crypto drainer domain operating under investigation as a generic phishing threat (seed ff66ee). This domain exhibits hallmark traits of crypto-draining infrastructure, including a trending registration timeline and minimal security scrutiny despite its suspicious nature. No specific cryptocurrency brand is imitated in the observed intelligence, suggesting a generalized wallet-draining approach targeting multichain users. The site likely employs social engineering vectors such as fake airdrop claims or fraudulent token announcements to lure victims into connecting wallets and signing malicious transactions.

Technical analysis reveals critical indicators: the domain resolves to IP 43.169.13.15 via TrustAsia-issued SSL, was registered on March 23, 2026 through Dominet (HK) Limited, and currently shows 0 detections on VirusTotal (0/95 engines). Public blocklist aggregation tools have not yet flagged the domain. This combination of factors—new TLD registration, absence of reputable reputation, and low detection coverage—creates elevated exposure for users interacting with digital assets or cryptographic services.

The domain remains active and under live investigation with a status labelled under_investigation. Immediate response actions include immediate network-level blocking of fercuann.icu and 43.169.13.15, user education to avoid wallet connections or data entry, and proactive scanning of gateway logs for traffic to this domain. Remaining risk is assessed as moderate to high due to the drainer’s likely focus on high-value crypto users and the lag time in detection engine updates. Continuous monitoring of VT score trajectory and emergent phishing campaigns is essential to contain potential losses pending full takedown.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-23 15:01:32
- Registrar: Dominet (HK) Limited
- IP: 43.169.13.15

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4232b050-c3d3-41ff-80e0-3cf2969da5a7
- PhishDestroy: https://phishdestroy.io/domain/fercuann.icu/
- LLM endpoint: https://phishdestroy.io/domain/fercuann.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/fercuann.icu/
Last updated: 2026-03-24