# metadao-fi.xyz — SUSPICIOUS > metadao-fi.xyz hosts a crypto drainer impersonating MetaDAO, flagged by 0 of 95 VirusTotal vendors. Verify safety on PhishDestroy before use. ## Summary PhishDestroy identifies metadao-fi.xyz as hosting a crypto drainer impersonating MetaDAO, currently active and under investigation. This domain was flagged as a generic phishing site and exhibits high-risk indicators consistent with cryptocurrency theft operations. The site is not yet detected by VirusTotal but shows clear signs of malicious intent, including impersonation of a well-known decentralized autonomous organization (DAO) in the crypto space. Technical analysis reveals that metadao-fi.xyz was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 19, 2026. The domain resolves to IP address 172.67.154.35 and utilizes a Let's Encrypt SSL certificate. VirusTotal currently shows 0 detections out of 95 security vendor checks, indicating it has not yet been widely flagged despite active malicious activity. The domain's recent creation date and use of a legitimate-looking SSL certificate are common tactics employed by threat actors to establish trust temporarily. Additionally, the domain's registrar and hosting infrastructure align with known patterns used by crypto drainer operations. Given the high-risk nature of this domain and its specific targeting of MetaDAO users, PhishDestroy currently lists metadao-fi.xyz as active and under investigation. Users are strongly advised to avoid interacting with this domain, particularly when prompted for wallet connections or login credentials. The site's crypto drainer functionality suggests it is designed to exfiltrate digital assets upon user interaction, posing significant financial risk. For continued safety, users should verify all domains claiming association with MetaDAO or similar platforms through official channels before engaging. PhishDestroy recommends reporting any encounters with this domain to enhance collective threat intelligence. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-19 00:40:27 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.154.35 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2f3170f6-ac8e-4d5e-a323-e39a9af1bf68 - PhishDestroy: https://phishdestroy.io/domain/metadao-fi.xyz/ - LLM endpoint: https://phishdestroy.io/domain/metadao-fi.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/metadao-fi.xyz/ Last updated: 2026-03-23