# flat-lake-5529.cddfe.workers.dev — SUSPICIOUS

> flat-lake-5529.cddfe.workers.dev is a crypto drainer site with 0/95 VirusTotal detections. Avoid visiting to protect your crypto assets.

## Summary
PhishDestroy identifies flat-lake-5529.cddfe.workers.dev as a crypto drainer posing as a legitimate service. This domain tricks users into connecting crypto wallets and authorizing unauthorized transactions. Once linked, the drainer silently transfers tokens to attacker-controlled wallets, often draining entire balances within seconds.


This domain was flagged with 0 detections out of 95 VirusTotal scans and resolves to Cloudflare IP 172.67.188.137. Let's Encrypt issued its SSL certificate, and the site is currently registered under Cloudflare, Inc. These indicators suggest a recently deployed campaign leveraging trusted infrastructure to evade detection.


If you visited this site, immediately revoke wallet permissions via your wallet’s connection settings or app. Transfer remaining assets to a new wallet, and scan devices for malware. Report the domain to your antivirus and crypto platform to help block future attacks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.67.188.137

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/141a1c58-436b-4ee3-8e7e-43ebd11b174e
- PhishDestroy: https://phishdestroy.io/domain/flat-lake-5529.cddfe.workers.dev/
- LLM endpoint: https://phishdestroy.io/domain/flat-lake-5529.cddfe.workers.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/flat-lake-5529.cddfe.workers.dev/
Last updated: 2026-04-01