# jito.restake.network — MALICIOUS — Crypto Drainer (Angel Drainer) > jito.restake.network is a high-risk crypto drainer flagged for social engineering. Stay safe—avoid this site and protect your crypto assets now. ## Summary PhishDestroy identifies jito.restake.network as a high-risk crypto drainer domain that was actively used to steal cryptocurrency assets through deceptive tactics. This malicious site was flagged by Google Safe Browsing for social engineering and appeared on multiple security blocklists, signaling a serious threat to users interacting with it. The domain falsely presented itself under the guise of the Jito Foundation airdrop, enticing victims to engage and ultimately compromising their crypto wallets. The phishing scheme behind jito.restake.network leveraged the Angel Drainer kit, a known tool designed to extract private keys and drain funds from victims' wallets. Users were lured by promises of airdrops or rewards, prompting them to connect their wallets or input sensitive information. Once the credentials were captured, the attackers could swiftly transfer all funds out, leaving victims with irreversible losses. This domain was registered recently, in December 2025, and resolved to an IP address (208.113.164.146) that is now offline, indicating takedown efforts. If you have visited jito.restake.network or interacted with the site, it is crucial to act immediately. Disconnect any linked wallets and revoke permissions granted to suspicious applications. Monitor your crypto accounts for unauthorized transactions and consider transferring remaining funds to a new secure wallet. Running security scans and updating your device’s security settings can help prevent further compromise. Always verify airdrop sources through official channels before participation to avoid falling victim to similar scams. ## Threat Details - Verdict: MALICIOUS — Crypto Drainer (Angel Drainer) - Site status: dead (HTTP 403) - Drainer type: Angel Drainer - Scam type: Airdrop Scam - Kit: Airdrop Scam - Page title: Jito Foundation | Airdrop ## Domain Intelligence - Registered: 2025-12-03 00:00:00 - Expires: 2026-12-03 00:00:00 - Registrar: ENOM, INC. - Country: US - IP: 208.113.164.146 - IP Country: US - IP City: Leesburg - IP Org: AS26347 New Dream Network, LLC - Nameservers: ns1.dreamhost.com ns2.dreamhost.com ns3.dreamhost.com - SSL Issuer: none ## Detection Status - VirusTotal: 12 vendors flagged Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "SOCRadar", "Sophos"] - Google Safe Browsing: FLAGGED - Blocklists: 3 hits Lists: ["PhishDestroy", "MetaMask", "ScamSniffer"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019afc29-72cb-742d-a0f6-bc1ea4495b2c.png - Cloudflare Radar: https://radar.cloudflare.com/scan/6b64e791-87d6-438f-962d-5e18798bf6c5 - PhishDestroy: https://phishdestroy.io/domain/jito.restake.network/ - LLM endpoint: https://phishdestroy.io/domain/jito.restake.network/llm.txt ## If You Visited This Site 1. Revoke all token approvals immediately (revoke.cash / unrekt.net) 2. Move remaining funds to a new wallet 3. Do not interact with any transactions from this site 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/jito.restake.network/ Last updated: 2026-03-19