# goldeneyes78.xyz — MALICIOUS

> goldeneyes78.xyz operates as a crypto credential theft page, flagged by 15/95 VirusTotal vendors since March 2025. Immediate block recommended.

## Summary
PhishDestroy identifies goldeneyes78.xyz as an active crypto credential theft domain posing elevated risk to users handling digital assets. This domain is engineered to mimic legitimate cryptocurrency platforms or services, tricking victims into surrendering wallet credentials or private keys under the guise of authentication or transaction verification.  This domain resolves to IP 192.64.119.224 and was registered through Namecheap on March 17, 2025. Security telemetry from VirusTotal confirms 15 out of 95 threat detection engines flagged goldeneyes78.xyz as malicious, indicating partial but concerning coverage. Given its recent registration and low blocklist saturation, the domain likely represents a newly deployed campaign targeting crypto users. The low detection ratio suggests attackers may be rotating infrastructure or using evasive tactics to delay blacklisting.  Users who visited goldeneyes78.xyz should immediately audit their cryptocurrency wallets for unauthorized transactions and revoke any exposed API keys or permissions. If credentials were entered, migrate funds to a new wallet and enable multi-factor authentication where possible. Report the domain to your security team and block it at the network perimeter. Monitor for related domains registered after March 17, 2025, as threat actors often rapidly deploy new variants to sustain campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-03-17 21:00:40
- Registrar: Namecheap
- IP: 192.64.119.224

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4e4e9e8a-a59c-46cf-a4a2-b42c56ffe9b3
- PhishDestroy: https://phishdestroy.io/domain/goldeneyes78.xyz/
- LLM endpoint: https://phishdestroy.io/domain/goldeneyes78.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/goldeneyes78.xyz/
Last updated: 2026-03-23