# hey-mint.app — SUSPICIOUS

> PhishDestroy flags hey-mint.app as a crypto drainer, with only 2 of 95 VirusTotal scanners detecting it. Verify safety before you connect.

## Summary
PhishDestroy identifies hey-mint.app as an active crypto-draining website that quietly empties digital wallets when victims connect a wallet or sign a transaction. Instead of offering genuine services, the site silently approves token transfers and drains funds to attacker-controlled addresses in seconds. All wallet interactions should be treated as high-risk because the page never reveals its true intent until after approvals are given.  This domain was flagged by ScamSniffer and is blocked in several community blocklists. hey-mint.app was created on November 06, 2025—only days before our analysis—and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal shows only 2 out of 95 security engines currently detect it, and it resolves to 104.21.17.133 behind a Google Trust Services SSL certificate to appear legitimate. Despite the fresh registration and low detection rate, independent researchers have already added it to one known blocklist, confirming malicious activity.  If you visited hey-mint.app or connected any wallet, immediately revoke any token approvals or suspicious permissions in your wallet settings. Disconnect the wallet from all websites, move remaining assets to a fresh wallet, and consider hardware wallet isolation for sensitive funds. Report the domain to PhishDestroy and your wallet provider to help prevent further theft. Always verify new sites with current threat intelligence before entering credentials or signing transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-06 11:48:35
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.17.133

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c26fd8d3-2bef-4e4d-9bd8-040343e570c0
- PhishDestroy: https://phishdestroy.io/domain/hey-mint.app/
- LLM endpoint: https://phishdestroy.io/domain/hey-mint.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hey-mint.app/
Last updated: 2026-03-26