# finderos.ai — SUSPICIOUS

> Beware: finderos.ai is a crypto drainer phishing site claiming to offer fake wallet logins. Zero VirusTotal detections.

## Summary
PhishDestroy identifies finderos.ai as a live crypto drainer phishing domain designed to trick users into connecting malicious cryptocurrency wallets under the guise of a wallet login portal. Victims who enter their wallet credentials or connect their wallet to the site risk unauthorized fund transfers and asset theft. This domain poses an immediate financial threat to cryptocurrency users who may unknowingly interact with it while searching for legitimate wallet services.

This domain was flagged by PhishDestroy after analysis revealed zero detections on VirusTotal (0/95 engines) despite its recent creation date of March 15, 2026. The domain resolves to IP address 109.172.94.187 and was registered through Dynadot Inc., a commonly exploited registrar for malicious domains. The use of a Let's Encrypt SSL certificate further mimics legitimacy, aiming to deceive visitors into trusting the site’s false wallet interfaces.

If you visited finderos.ai or entered any wallet information, disconnect your device from the internet immediately, revoke any connected wallet permissions using tools like WalletConnect or your wallet’s built-in security features, and transfer remaining funds to a newly generated wallet address. Run a full antivirus scan and consider enabling multi-factor authentication on all crypto-related accounts. Report the domain to PhishDestroy for further investigation and avoid interacting with any related links or communications to prevent further exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-15 11:15:56
- Registrar: Dynadot Inc
- IP: 109.172.94.187

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1e1b0154-c69b-45c1-8dea-5d8e5d25e0e2
- PhishDestroy: https://phishdestroy.io/domain/finderos.ai/
- LLM endpoint: https://phishdestroy.io/domain/finderos.ai/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/finderos.ai/
Last updated: 2026-03-23