# genusne.click — MALICIOUS

> genusne.click is a confirmed cryptocurrency drainer site flagged by 21/95 security vendors. This domain was registered on March 05, 2026. Check the full report.

## Summary
PhishDestroy identifies genusne.click as an active cryptocurrency drainer site engaged in targeted phishing operations. The domain was registered through Dynadot, LLC on March 05, 2026, and resolves to IP 37.77.150.150. While no specific brand or drainer kit has been attributed publicly, the infrastructure aligns with known cryptocurrency theft campaigns that intercept wallet connections or seed phrase inputs. The site operates under a generic name with no established legitimacy, suggesting opportunistic targeting of crypto users.  This domain exhibits strong malicious indicators, including a VirusTotal detection rate of 21 out of 95 security vendors, placing it in the elevated risk tier. It was registered via Dynadot, LLC on March 05, 2026, and resolves to IP address 37.77.150.150. Notably, genusne.click is currently unlisted in Google Safe Browsing (GSB), which may indicate either a newly activated campaign or evasion tactics. The domain is blocked by two security blocklists, including Hagezi and Maltrail, reinforcing its hostile classification.  As of the latest assessment, genusne.click remains active and poses an elevated threat to unsuspecting visitors, particularly those engaging with cryptocurrency platforms. Immediate defensive actions include network-level blocking via DNS and firewall rules at the IP and domain levels. Users are advised to avoid visiting this domain and to verify any unexpected links via trusted sources. The lingering risk stems from potential evolution of the campaign or rebranding under new domains, warranting continued monitoring and proactive threat hunting.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-05 12:30:31
- Registrar: Dynadot, LLC
- IP: 37.77.150.150

## Detection Status
- VirusTotal: 21 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["Hagezi", "Maltrail"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0d99eb1d-8f1b-42be-97e3-cb63750899a8
- PhishDestroy: https://phishdestroy.io/domain/genusne.click/
- LLM endpoint: https://phishdestroy.io/domain/genusne.click/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/genusne.click/
Last updated: 2026-03-23