# gro58v-cryptoslate.com — SUSPICIOUS > gro58v-cryptoslate.com is a live crypto drainer phishing site with 0/95 VirusTotal detections. Avoid connecting wallets or entering credentials. ## Summary PhishDestroy identifies gro58v-cryptoslate.com as an active crypto drainer phishing domain masquerading under a spoofed 'CryptoSlate' branding theme to trick users into approving malicious wallet transactions. The site leverages a crypto-drainer kit designed to siphon digital assets from unwitting victims by prompting wallet connection approvals under false pretenses. The kit is currently deployed with no known antivirus detections on VirusTotal, enabling undetected operations to persist. Technical indicators confirm a high-risk profile: the domain resolves to IP 75.2.60.5, utilizes a Let's Encrypt SSL certificate to appear legitimate, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. The domain was created on April 12, 2026, making it extremely new and lacking historical trust. Current VirusTotal analysis shows 0 detections across 95 engines, indicating zero proactive blocking. No Google Safe Browsing (GSB) flag is recorded, and no public blocklist entries have been documented as of this investigation. These factors collectively suggest a low-profile, high-impact threat with minimal prior scrutiny. As of this report, gro58v-cryptoslate.com remains active and unblocked by major security platforms, posing a significant risk to cryptocurrency users engaging with crypto news or service platforms. Immediate defensive actions include network-level blocking of the domain and IP, submission to threat intelligence platforms for signature generation, and consumer advisories to avoid wallet connections. While the crypto drainer kit’s technical sophistication remains under analysis, the domain’s fresh registration, absence of detections, and zero blocklist presence elevate its threat level to 'under investigation' with escalating risk potential. Users are urged to refrain from interacting with the domain and report any encounters to their security teams or via PhishDestroy’s submission portal for further processing. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-12 03:05:27 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 75.2.60.5 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/aab5de46-a946-4d6d-8c79-a6a4cd604b9e - PhishDestroy: https://phishdestroy.io/domain/gro58v-cryptoslate.com/ - LLM endpoint: https://phishdestroy.io/domain/gro58v-cryptoslate.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gro58v-cryptoslate.com/ Last updated: 2026-04-13