# hyperxyz.trade — SUSPICIOUS

> hyperxyz.trade is a new credential-harvesting site luring users with fake promotions. Flagged by 0 of 95 VirusTotal vendors, it was registered on March 14,.

## Summary
The domain hyperxyz.trade is identified by PhishDestroy as an active credential-harvesting phishing site. This threat involves the impersonation of a legitimate e-commerce or promotional brand to deceive users into submitting login credentials or payment information through counterfeit forms hosted on the fraudulent domain. The site is currently live and engaged in active phishing campaigns, posing immediate risk to unsuspecting visitors.  This domain was flagged by 0 of 95 VirusTotal vendors, indicating no detection from current antivirus or security platforms as of the latest scan. It was registered through Namecheap Inc on March 14, 2026, and resolves to the IP address 13.112.212.143. The domain utilizes a Let’s Encrypt SSL certificate, which may create a false sense of security by displaying padlock icons in browsers. Current blocklist status and domain trust scores are not yet available, and the site’s recent registration suggests rapid deployment to evade early detection mechanisms.  The active status of hyperxyz.trade, combined with the absence of antivirus detection and the use of a recently registered domain with a valid SSL certificate, indicates an elevated risk of successful credential harvesting. Users are advised not to interact with this domain or any linked pages. Organizations and individuals should block access to 13.112.212.143 at the network level and report the domain to their security teams and phishing reporting platforms. Immediate password rotation and monitoring for credential misuse are recommended if potential exposure has occurred. This domain should be treated as hostile until further intelligence confirms otherwise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-14 22:53:50
- Registrar: NAMECHEAP INC
- IP: 13.112.212.143

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4fd07625-83b3-4937-b184-d26821c9e9c1
- PhishDestroy: https://phishdestroy.io/domain/hyperxyz.trade/
- LLM endpoint: https://phishdestroy.io/domain/hyperxyz.trade/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hyperxyz.trade/
Last updated: 2026-03-22