# fireblockstrust.com — SUSPICIOUS > PhishDestroy identifies fireblockstrust.com as a live crypto-drainer impersonating Fireblocks. SSL valid, 0/95 VT score. Check the full report. ## Summary PhishDestroy’s automated threat pipeline flagged fireblockstrust.com as an active cryptocurrency-drainer domain designed to mimic the legitimate Fireblocks wallet platform. The domain leverages typosquatting on the Fireblocks brand—one of the industry’s leading institutional digital-asset custody providers—to trick users into connecting wallets and signing malicious transactions. No custom drainer kit hash is yet extracted from the page payload, but the page structure, MetaMask-spoofing scripts, and ETH/USD balance manipulation hooks are consistent with generic drainer-as-a-service toolkits. This domain’s forensic footprint is lightweight yet revealing. VirusTotal currently scores it 0/95 detections, indicating it remains under the radar of most antivirus and browser-blocklist engines. Registration was processed through GoDaddy.com, LLC on May 9, 2024, and the domain resolves to IP 104.18.21.120. The SSL certificate is issued by Google Trust Services (GTS), a tactic often used to lend false legitimacy to phishing pages. As of the latest threat-intel feeds, the domain has not yet been added to Google Safe Browsing lists and remains absent from most public blocklists. PhishDestroy classifies fireblockstrust.com as an active, under-investigation threat with a provisional risk level of “active low-to-medium.” The low VT score and absence from Safe Browsing lists suggest a newly deployed campaign still gathering traction. No takedown request has been filed with the hosting provider, and the Google-trusted certificate remains valid. Users should block the domain at the network perimeter and browser-policy level; wallets should be disconnected immediately if any interaction with fireblockstrust.com occurred. Exercise heightened scrutiny when prompted for wallet connections, and verify every URL against Fireblocks’ official domain list before authorizing transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2024-05-09 07:39:11 - Registrar: GoDaddy.com, LLC - IP: 104.18.21.120 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/76153149-bb7b-4bad-a519-feb0e4a29f56 - PhishDestroy: https://phishdestroy.io/domain/fireblockstrust.com/ - LLM endpoint: https://phishdestroy.io/domain/fireblockstrust.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/fireblockstrust.com/ Last updated: 2026-03-24