# houdniiswap.com — SUSPICIOUS

> houdniiswap.com is a confirmed crypto drainer posing as a swap DEX. 1/95 VirusTotal engines flag this domain.

## Summary
PhishDestroy identifies houdniiswap.com as an active crypto drainer site impersonating a decentralized exchange for token swaps. The domain uses deceptive branding to trick cryptocurrency traders into connecting wallets and signing malicious transactions that silently drain funds. Technical analysis shows it integrates a drainer kit designed to exploit wallet signatures and approve token transfers without user awareness.


This domain was flagged with a VirusTotal detection rate of 1 out of 95 security vendors as of the latest scan. It is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP address 188.114.97.3, and was created on October 11, 2025. Despite having a valid SSL certificate from Google Trust Services, the domain remains untrusted and appears on blocklists due to its malicious intent. The combination of recent registration, low detection coverage, and active hosting indicates a newly deployed threat with high evasion potential.


As of now, houdniiswap.com remains active and poses an elevated risk to users who interact with it. PhishDestroy recommends immediate avoidance and strongly advises users who have already visited the site not to connect any wallets or sign transactions. The current risk level is elevated, and while domain takedown efforts are ongoing, no guarantee of removal can be provided. Users are urged to verify any decentralized exchange site using PhishDestroy’s real-time scanner before proceeding with transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-11 21:57:48
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/houdniiswap.com
- PhishDestroy: https://phishdestroy.io/domain/houdniiswap.com/
- LLM endpoint: https://phishdestroy.io/domain/houdniiswap.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/houdniiswap.com/
Last updated: 2026-04-08