# jup-exchange.sbs — SUSPICIOUS > Domain jup-exchange.sbs is a crypto drainer impersonating Jupiter. VT score 0/95, resolves to 188.114.97.3. Verify on PhishDestroy before interacting. ## Summary Domain jup-exchange.sbs has been flagged for brand impersonation targeting the Jupiter cryptocurrency platform. This domain is suspected to host a crypto drainer kit designed to siphon funds from unsuspecting users by mimicking Jupiter’s official exchange interface. The threat remains under active investigation to determine the full scope of malicious functionality, including whether the drainer uses clipboard manipulation, fake wallet connectors, or phishing overlays. PhishDestroy identifies jup-exchange.sbs as resolving to IP address 188.114.97.3 with a VirusTotal detection score of 0/95 engines, indicating it has not yet been widely flagged despite its malicious intent. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 27, 2026, and currently holds a valid Let's Encrypt SSL certificate. It has not been added to Google Safe Browsing (GSB) and remains absent from major blocklists, highlighting a critical window for proactive takedown or user awareness. As of this report, jup-exchange.sbs remains active with an under_investigation status, posing an emerging risk to users searching for Jupiter-related services. Response actions may include domain takedown requests, IP-based blocking, and updating threat intelligence feeds. While current risk is elevated due to the lack of detection coverage, users are strongly advised to verify any Jupiter-related links using PhishDestroy and avoid direct interactions with jup-exchange.sbs until its status is clarified. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Jupiter ## Domain Intelligence - Registered: 2026-03-27 12:33:01 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/49b17cf9-23e0-46bd-8f66-32b44d6dafbe - PhishDestroy: https://phishdestroy.io/domain/jup-exchange.sbs/ - LLM endpoint: https://phishdestroy.io/domain/jup-exchange.sbs/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/jup-exchange.sbs/ Last updated: 2026-03-28