# houdiniswp.com — SUSPICIOUS

> houdiniswp.com flagged for crypto drainer phishing. VirusTotal detected by 1/95 vendors. Avoid interaction and report immediately.

## Summary
PhishDestroy identifies houdiniswp.com as an active crypto drainer domain leveraging brand impersonation tactics. This domain, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, was created on October 11, 2025, and currently resolves to IP 172.67.143.35. Security vendor analysis reveals 1 out of 95 engines flagged it, indicating a low but present detection rate for malicious activity. The presence of a Google Trust Services SSL certificate suggests an attempt to appear legitimate, while the domain's recent registration and minimal blocklist presence point to a potentially emerging threat.  Technical indicators confirm elevated risk: the domain exhibits a VirusTotal detection ratio of 1/95, associates with IP 172.67.143.35, and aligns with a NICENIC registration. Its creation date—October 11, 2025—is recent, and the Google SSL certificate may be abused to evade browser warnings. The low VT score suggests stealth but not immunity, as detection mechanisms continue to evolve.  Currently, houdiniswp.com remains active with an elevated risk status. Immediate actions include blocking the domain at DNS and firewall levels, flagging the associated IP, and sharing IOCs with threat intelligence platforms. Remaining risk stems from possible delayed detection and the domain's recent inception. Users are advised to avoid interaction and report any suspicious transactions involving this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-11 21:57:29
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.143.35

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/houdiniswp.com
- PhishDestroy: https://phishdestroy.io/domain/houdiniswp.com/
- LLM endpoint: https://phishdestroy.io/domain/houdiniswp.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/houdiniswp.com/
Last updated: 2026-04-08