# hudiniswap.com — SUSPICIOUS

> hudiniswap.com is a newly registered crypto drainer posing as a swap service. Users should avoid this domain after VirusTotal reports 0/95 detections despite.

## Summary
PhishDestroy identifies hudiniswap.com as a generic phishing domain currently under investigation, operating with an active crypto-drainer threat profile. This recently registered domain leverages a deceptive Swap service branding to lure cryptocurrency users into connecting wallets and authorizing fraudulent transactions. No known drainer kit fingerprints have been extracted from the landing page at this time, but the site’s structure closely mirrors documented crypto-drainer TTPs observed in 2025 campaigns. The infrastructure is provisioned with minimal obfuscation, signaling early-stage deployment rather than mature operation.

Technical indicators place the domain on concerning footing: VirusTotal currently scores the site 0/95 detections with no vendor flagging the payload, despite hosting on IP 104.21.74.252 (AS13335 Cloudflare, Inc.) since February 03 2026. Registration was processed by NICENIC INTERNATIONAL GROUP CO., LIMITED through a privacy-protected flow, and the domain acquired a Google Trust Services SSL certificate to enhance credibility. At present, public blocklists show zero listings for the domain or its hosting IP, indicating a newly emerged, unmitigated threat.

The domain remains in active status with a risk level marked under_investigation, suggesting rapid evolution and potentially expanding targeting scope. PhishDestroy has appended the domain seed 17b981 to internal watchlists and recommends immediate network and endpoint blocking of 104.21.74.252 and hudiniswap.com. Users should avoid accessing the site and revoke any prior wallet connections established via this domain. Remaining risk is assessed as moderate to high given the absence of detections, live hosting, and crypto-centric lure; mitigation hinges on proactive threat hunting and rapid signature development to stem potential victimization.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-03 20:42:24
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.74.252

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/hudiniswap.com
- PhishDestroy: https://phishdestroy.io/domain/hudiniswap.com/
- LLM endpoint: https://phishdestroy.io/domain/hudiniswap.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hudiniswap.com/
Last updated: 2026-04-08