# hyperliquid.ist — SUSPICIOUS

> PhishDestroy identifies hyperliquid.ist as a brand-impersonation phishing site targeting Hyperliquid users.

## Summary
PhishDestroy identifies hyperliquid.ist as an active brand-impersonation phishing domain targeting Hyperliquid users. This fraudulent site mimics the legitimate Hyperliquid platform to steal credentials or inject malicious payloads. Visitors risk account takeovers, financial loss, or malware infections if they enter login details or interact with the page. The threat is classified as 'under investigation' due to limited historical data, but early indicators suggest active deployment in phishing campaigns.  This domain was flagged by PhishDestroy on June 10, 2025. Technical analysis reveals it resolves to IP 185.253.212.22, registered through Key-Systems GmbH on June 08, 2025. The site uses a Let's Encrypt SSL certificate, adding a false sense of legitimacy. VirusTotal currently shows 0/95 detections, meaning no antivirus engines flagged it at time of analysis. The domain’s recent creation and low detection rate highlight the urgency of investigation.  If you visited hyperliquid.ist, assume your data may have been compromised. Do not reuse passwords from this site on other accounts. Clear browser cache and cookies, then run a malware scan on your device. Report the domain to your IT team or security provider. For further guidance, review PhishDestroy’s full threat report using seed 358583 to access contextualized intelligence.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Hyperliquid

## Domain Intelligence
- Registered: 2025-06-08 09:57:07
- Registrar: Key-Systems GmbH
- IP: 185.253.212.22

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1cab4ae1-cf5c-4f59-874b-e0da984c4228
- PhishDestroy: https://phishdestroy.io/domain/hyperliquid.ist/
- LLM endpoint: https://phishdestroy.io/domain/hyperliquid.ist/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hyperliquid.ist/
Last updated: 2026-03-28