# lastpump.fun — SUSPICIOUS > lastpump.fun is a fake Pump.fun site pushing a crypto drainer. VirusTotal shows 0/95 detections. Verify this domain on PhishDestroy immediately. ## Summary PhishDestroy identifies lastpump.fun as an active brand-impersonation domain targeting Pump.fun users. This site poses a direct risk of cryptocurrency theft through a crypto-drain attack, where victims’ wallet connections are exploited to silently transfer funds without consent. The threat actor behind this domain has configured it to mimic the legitimate Pump.fun platform, likely through deceptive advertisements, social media posts, or phishing emails, tricking users into connecting their wallets under false pretenses. Once a user visits lastpump.fun and authorizes a wallet connection, malicious scripts embedded in the page attempt to drain tokens or NFTs by exploiting approved transaction permissions. The domain’s quick setup and minimal detection on security platforms suggest this campaign is still in early deployment phases, increasing the risk of undetected compromise. This domain was flagged on March 24, 2026, and is currently hosted on IP 104.21.56.172. It uses a Let’s Encrypt SSL certificate to appear legitimate and was registered through Global Domain Group LLC. VirusTotal currently returns 0 detections out of 95 security engines, indicating it remains under the radar of most antivirus and threat-intelligence platforms. The domain name itself is a deliberate misspelling of Pump.fun, a known Solana-based token launch platform, designed to exploit user trust and hasty typing. The combination of a newly minted domain, low detection rate, and impersonation of a major Web3 platform places this site on high alert for imminent or ongoing attacks targeting crypto investors. If you visited lastpump.fun or connected your wallet, immediately revoke any unauthorized permissions through your wallet’s settings or use tools like Revoke.cash. Do not interact further with the site or any links from it. Scan your device with updated antivirus software and consider rotating sensitive wallet credentials. Report this domain to PhishDestroy and block it on your network. Remain cautious of similar misspelled domains and always verify URLs through official channels or trusted threat-intelligence tools before entering credentials or authorizing transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Pump.fun ## Domain Intelligence - Registered: 2026-03-24 15:16:30 - Registrar: Global Domain Group LLC - IP: 104.21.56.172 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/98492c9d-e9ae-44e7-9045-7872839b89d1 - PhishDestroy: https://phishdestroy.io/domain/lastpump.fun/ - LLM endpoint: https://phishdestroy.io/domain/lastpump.fun/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/lastpump.fun/ Last updated: 2026-03-24