# metamsk-logi.framer.ai — MALICIOUS

> PhishDestroy identifies metamsk-logi.framer.ai as a crypto drainer phishing site, flagged by 9/95 VirusTotal vendors.

## Summary
PhishDestroy identifies metamsk-logi.framer.ai as an active crypto drainer posing as a MetaMask login portal. This domain is designed to trick users into connecting their cryptocurrency wallets, allowing attackers to drain funds directly. The site mimics official MetaMask branding to exploit trust and urgency, tricking victims into authorizing malicious transactions. If you see this domain, do not interact with it—it is a confirmed threat.  

This domain was flagged by multiple security vendors after resolving to IP address 31.43.161.6 and obtaining a Let’s Encrypt SSL certificate. PhishDestroy confirms that 9 out of 95 VirusTotal security engines detected malicious activity, and it is blocked by MetaMask and SEAL. The domain is also listed on two major threat intelligence blocklists, indicating widespread recognition as a phishing resource. While the exact creation date is not provided, the presence of a valid SSL certificate and active blocking by major platforms suggest recent deployment as part of an ongoing phishing campaign targeting crypto users.  

If you have visited metamsk-logi.framer.ai or entered any wallet credentials, disconnect your wallet immediately and revoke any unauthorized approvals using tools like Etherscan or your wallet’s built-in security features. Do not approve any transactions or sign messages from unknown domains. Report this domain to your antivirus provider, MetaMask, and PhishDestroy to help block further attacks. Always verify URLs carefully and use official bookmarks or trusted sources when accessing cryptocurrency platforms.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 31.43.161.6

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/52d1d3ea-587b-4342-a954-da891a6b8262
- PhishDestroy: https://phishdestroy.io/domain/metamsk-logi.framer.ai/
- LLM endpoint: https://phishdestroy.io/domain/metamsk-logi.framer.ai/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metamsk-logi.framer.ai/
Last updated: 2026-03-27