# gro90p-cointelegraph.com — SUSPICIOUS > gro90p-cointelegraph.com is a crypto drainer designed to impersonate CoinTelegraph. Detected by only 0/95 VirusTotal engines. Avoid this site immediately. ## Summary PhishDestroy identifies gro90p-cointelegraph.com as an active crypto drainer domain created on March 28, 2026, designed to mimic CoinTelegraph and steal cryptocurrency via deceptive links. This domain was flagged as generic_phishing with a status of active and an under-investigation risk level, indicating ongoing analysis by threat intelligence teams. This domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and currently shows zero detections out of 95 engines on VirusTotal, highlighting the importance of user vigilance. The domain resolves to IP 104.21.67.236 and uses a Let's Encrypt SSL certificate, tactics commonly employed to appear legitimate. Its recent creation date and low detection rate suggest this scam is in early deployment phases, likely targeting users seeking crypto news or services. If you visited gro90p-cointelegraph.com, disconnect any connected wallets immediately, revoke unauthorized permissions, and scan your device for malware. Report the domain to your antivirus provider and avoid interacting with any links or forms on the site. Monitor your transaction histories for unauthorized transfers and consider using hardware wallets for enhanced security against such crypto drainers. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-28 04:45:51 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 104.21.67.236 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/49457782-8633-4920-9f88-b0a544dfdc3c - PhishDestroy: https://phishdestroy.io/domain/gro90p-cointelegraph.com/ - LLM endpoint: https://phishdestroy.io/domain/gro90p-cointelegraph.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gro90p-cointelegraph.com/ Last updated: 2026-03-28