# galaxydesktop.live — MALICIOUS > Beware! galaxydesktop.live is a crypto drainer impersonating Galaxy Desktop. VirusTotal flags it: 8/95 vendors detected. Verify on PhishDestroy before clicking. ## Summary PhishDestroy identifies galaxydesktop.live as an active crypto drainer posing as a legitimate desktop application. This domain mimics Galaxy Desktop to trick users into connecting crypto wallets, where funds are illicitly drained upon authorization. Users should treat this domain as hostile and avoid interaction entirely. This domain was flagged by 8 of 95 VirusTotal security vendors, Google Safe Browsing under its SOCIAL_ENGINEERING category, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. It was created on March 18, 2026, and resolves to IP address 216.198.79.1. Its SSL certificate is issued by Let's Encrypt, a tactic often exploited to appear legitimate. Given its new registration, zero historical trust, and multiple blocklist detections, galaxydesktop.live presents an elevated risk of immediate financial harm. If you have visited galaxydesktop.live or interacted with it, immediately revoke any connected wallet permissions, transfer remaining assets to a clean wallet, and run a malware scan. Do not approve any unsolicited wallet connections or enter sensitive information. Report the domain to PhishDestroy for verification and block it on your network. Stay alert—crypto drainers often pose as software updates or toolkits to bypass user scrutiny. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-18 15:21:10 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 216.198.79.1 ## Detection Status - VirusTotal: 8 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/44511e4c-02cd-460e-879a-17d9d41b0a6c - PhishDestroy: https://phishdestroy.io/domain/galaxydesktop.live/ - LLM endpoint: https://phishdestroy.io/domain/galaxydesktop.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/galaxydesktop.live/ Last updated: 2026-03-23