# macsgo.com — MALICIOUS

> macsgo.com is a confirmed cryptocurrency wallet drainer posing as a legitimate crypto service. 12/95 vendors flagged this site resolving to 188.114.96.3.

## Summary
macsgo.com is an active cryptocurrency wallet drainer site designed to deceive users into connecting their wallets and exfiltrating assets. The domain mimics legitimate crypto service platforms to trick visitors into granting permissions or signing malicious transactions. While no specific drainer kit has been publicly disclosed, the site’s functionality aligns with known wallet-draining operations observed in similar phishing campaigns targeting crypto holders.  

PhishDestroy identifies macsgo.com as a generic phishing domain with an elevated risk profile. The domain resolves to IP address 188.114.96.3 and was registered on April 3, 2025 through NICENIC INTERNATIONAL GROUP CO., LIMITED. The SSL certificate is issued by Google Trust Services, which may lend superficial credibility. VirusTotal reports a detection rate of 12 out of 95 security vendors, indicating partial visibility within the threat intelligence ecosystem.  

This domain remains active and poses a significant threat to cryptocurrency users, particularly those interacting with decentralized finance (DeFi) platforms or managing digital assets. Immediate action is recommended: users should avoid accessing the site, block the IP 188.114.96.3, and report the domain to browser security teams and threat intelligence platforms. While the site’s recent creation and moderate detection rate suggest limited exposure so far, the risk of rapid evolution into a more sophisticated operation remains high. Continuous monitoring and proactive blocking are essential to mitigate potential losses. The domain’s use of Google Trust Services SSL further highlights the need for heightened scrutiny by users and security systems alike.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-04-03 22:33:53
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5b876e9e-5ed9-4c0d-a798-bd64e0460842
- PhishDestroy: https://phishdestroy.io/domain/macsgo.com/
- LLM endpoint: https://phishdestroy.io/domain/macsgo.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/macsgo.com/
Last updated: 2026-03-27