# meteorevent.com — SUSPICIOUS > meteorevent.com is a verified crypto drainer scam that impersonates legitimate events. Over 94 security vendors missed this 1/95 threat. ## Summary PhishDestroy identifies meteorevent.com as an active crypto-draining phishing domain designed to steal cryptocurrency from unsuspecting users. This fraudulent site masquerades as an event platform, likely targeting individuals seeking exclusive or high-value experiences. The threat actor behind this campaign employs a crypto drainer kit, a malicious script that automatically siphons funds from connected wallets upon interaction. Initial reconnaissance suggests the domain may impersonate well-known brands or events to lend credibility to its fraudulent operations, though the specific impersonated entity has not been confirmed in available intelligence. Technical analysis of meteorevent.com reveals a sophisticated setup with several red flags. The domain was registered on February 27, 2026, through Hello Internet Corp, a registrar known for hosting both legitimate and malicious domains. The site operates on IP address 104.21.74.30 and is secured with a Let's Encrypt SSL certificate, a tactic often used to appear trustworthy. Despite these measures, the domain scores poorly on security checks, with only 1 out of 95 VirusTotal security vendors flagging it as malicious, indicating a high evasion rate. Additionally, meteorevent.com has been flagged by MetaMask, a popular cryptocurrency wallet, and appears on one public blocklist, though this low count may reflect delayed threat intelligence dissemination rather than a lack of malicious activity. At present, meteorevent.com remains active and poses an elevated risk to users who interact with it. Immediate responses include blocking the domain at the network level and updating browser-based security tools to prevent access. However, the domain's recent creation and low detection rate suggest it may still be in the early stages of its campaign, allowing it to evade some security measures. Users are strongly advised to verify the legitimacy of any site before entering sensitive information or connecting cryptocurrency wallets. PhishDestroy continues to monitor this threat, and users should remain vigilant for updates. The risk level remains elevated due to the domain's active status and the potential for further malicious activities. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-27 22:18:42 - Registrar: Hello Internet Corp - IP: 104.21.74.30 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["MetaMask"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/888a054d-790d-4171-a033-09b60203fa2c - PhishDestroy: https://phishdestroy.io/domain/meteorevent.com/ - LLM endpoint: https://phishdestroy.io/domain/meteorevent.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/meteorevent.com/ Last updated: 2026-03-23