# moon-stake.com — SUSPICIOUS

> Domain moon-stake.com hosts a suspected crypto drainer kit with 0/95 VirusTotal detections. Avoid interacting to prevent asset theft.

## Summary
PhishDestroy identifies moon-stake.com as an active crypto drainer kit distribution domain impersonating legitimate staking platforms. This domain was flagged as a potential threat through behavioral analysis of its payload delivery mechanisms, specifically targeting cryptocurrency users seeking staking opportunities. The infrastructure appears designed to harvest private keys or authorize malicious transactions, though the exact drainer kit variant remains under investigation. No definitive brand impersonation has been confirmed at this stage, but the naming convention suggests an attempt to mimic legitimate staking services such as Lido Finance or Rocket Pool.  moon-stake.com resolves to IP address 188.114.97.3 and was registered via Porkbun LLC on March 24, 2024. VirusTotal scanning currently shows 0 detections out of 95 engines, indicating this threat remains undetected by traditional signature-based security measures. The domain utilizes a Let's Encrypt SSL certificate for HTTPS encryption, which is common among both legitimate and malicious sites. Given the absence of detections and the domain's recent creation, this represents a high-risk unknown threat that requires immediate attention from security researchers and users alike.  The current status of moon-stake.com is active with evidence of active distribution, though the full scope of its operations remains under investigation. Security researchers are encouraged to monitor this domain for additional indicators of compromise, particularly focusing on associated cryptocurrency addresses and drainer kit signatures. Users should block this domain at both network and endpoint levels to prevent potential asset loss. Until further analysis is complete, this domain should be treated as a high-risk threat with potential for significant financial impact. The unique seed identifier 88d941 suggests this domain is part of a larger tracking or analysis framework for emerging threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-24 11:54:56
- Registrar: Porkbun LLC
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/moon-stake.com
- PhishDestroy: https://phishdestroy.io/domain/moon-stake.com/
- LLM endpoint: https://phishdestroy.io/domain/moon-stake.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/moon-stake.com/
Last updated: 2026-04-04