# genowex.com — SUSPICIOUS

> genowex.com is a live crypto drainer site with 0/95 VirusTotal detections, posing as a legitimate brand. Cease all interactions immediately.

## Summary

PhishDestroy identifies genowex.com as an active crypto drainer, currently under investigation for fraudulent credential theft activities. The domain was registered on March 28, 2026, through MAT BAO CORPORATION and resolves to IP address 172.67.143.43. The site is equipped with a Let's Encrypt SSL certificate, further obscuring its malicious nature while attempting to appear legitimate to visitors. At the time of analysis, VirusTotal returned zero detections from 95 participating vendors, indicating a relatively new or stealthily operated threat actor leveraging zero-day or unflagged infrastructure.

Technical indicators associated with this domain include its recent creation date, which aligns with fast-flux tactics to evade detection before establishing a footprint. The domain’s registrar, MAT BAO CORPORATION, has been flagged in prior abuse reports, though no specific blocklist associations are identified for genowex.com at this time. Trust scores and historical data remain minimal due to the domain’s infancy, and the absence of VirusTotal detections suggests this threat remains in an early stage of deployment. The use of a shared IP address (172.67.143.43) hosting multiple domains amplifies the risk profile, as lateral movement between sites could occur rapidly.

As of the latest threat assessment, genowex.com poses a HIGH RISK to users engaging with cryptocurrency platforms or wallet services. The domain’s specific behavior as a crypto drainer—designed to siphon digital assets through deceptive transaction prompts—requires immediate defensive action. Organizations and individuals are advised to block all inbound and outbound connections to 172.67.143.43 and genowex.com at the network perimeter. Additionally, update DNS sinkholes and endpoint detection rules to quarantine any associated IPs or domains. Users who have interacted with this site should revoke any exposed credentials, transfer remaining assets to cold storage, and conduct a comprehensive forensic review of system integrity. Monitor emerging threat intelligence feeds for updated Indicators of Compromise (IOCs) linked to this domain.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2026-03-28 02:07:22
- Registrar: MAT BAO CORPORATION
- IP: 172.67.143.43

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/genowex.com
- PhishDestroy: https://phishdestroy.io/domain/genowex.com/
- LLM endpoint: https://phishdestroy.io/domain/genowex.com/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/genowex.com/

Last updated: 2026-04-04