# kanimex.com — MALICIOUS

> PhishDestroy identifies kanimex.com, a brand impersonation site mimicking MEXC. This crypto-drainer-linked domain scored 8/95 on VirusTotal.

## Summary
PhishDestroy identifies kanimex.com as an active brand impersonation domain targeting MEXC, designed to deceive users into connecting crypto wallets to a crypto-drainer kit. The domain was registered on April 09, 2026, and is currently leveraging a Let’s Encrypt SSL certificate to establish false legitimacy. Security telemetry indicates this domain has been weaponized to harvest funds through fraudulent transaction prompts, consistent with the operational patterns of modern crypto-draining campaigns.

Forensic analysis reveals exact technical indicators that reinforce its malicious classification: the domain resolves to IP address 172.67.147.202, carries a VirusTotal detection score of 8/95 security vendors, and is flagged by Hagezi DNS blocklists. The domain was registered through Fewmoretaps OU (d/b/a Trustname.com), a registrar frequently associated with low-friction, high-risk domain registrations. Additionally, it appears on one security blocklist and its recent creation date (April 09, 2026) suggests a hastily deployed threat actor resource. These attributes collectively confirm the domain’s role in a targeted impersonation campaign.

The domain remains active and continues to pose an elevated risk to users engaging with MEXC-related services. Immediate containment is advised: block kanimex.com at DNS and network levels, revoke SSL certificates via issuers where possible, and audit endpoints for wallet connection logs or drainer-related artifacts. Despite active detection by multiple vendors and blocklists, the risk remains significant due to the domain’s recent deployment and the growing sophistication of brand impersonation threats in the crypto sector. Ongoing monitoring and threat hunting are recommended to prevent potential financial loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: MEXC

## Domain Intelligence
- Registered: 2026-04-09 22:16:47
- Registrar: Fewmoretaps OU d/b/a Trustname.com
- IP: 172.67.147.202

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["Hagezi"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0b453d47-5c11-49c0-956e-d5b10e860a17
- PhishDestroy: https://phishdestroy.io/domain/kanimex.com/
- LLM endpoint: https://phishdestroy.io/domain/kanimex.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kanimex.com/
Last updated: 2026-04-13