# mospool.xyz — SUSPICIOUS

> mospool.xyz is a crypto drainer domain flagged by 2 of 95 VirusTotal vendors. Users should verify this threat on PhishDestroy immediately.

## Summary
The domain mospool.xyz has been identified as an active site involved in crypto drainer attacks. This threat type involves deceiving users into revealing cryptocurrency wallet credentials or authorizing unauthorized transactions. Currently, the domain remains operational and poses an elevated risk to users in the digital currency space.

PhishDestroy's analysis shows that 2 of 95 security vendors on VirusTotal have flagged mospool.xyz, indicating a relatively low but notable detection rate. The domain was registered through Gname.com Pte. Ltd. and created on November 30, 2025. It resolves to the IP address 188.114.96.3 and uses an SSL certificate issued by Google Trust Services, potentially to appear legitimate to victims. While only a small fraction of blocklists currently include this domain, the elevated risk rating suggests caution.

Given the active status of mospool.xyz and its association with crypto draining, users and organizations should block access to the domain and monitor related network traffic. It is advised to educate users about the dangers of fake cryptocurrency sites and to verify suspicious domains through PhishDestroy before interacting. Continuous monitoring and timely updates to blocklists will help mitigate the threat posed by this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-30 16:08:54
- Registrar: Gname.com Pte. Ltd.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e74ca04c-cbff-4384-8203-f0263457bfba
- PhishDestroy: https://phishdestroy.io/domain/mospool.xyz/
- LLM endpoint: https://phishdestroy.io/domain/mospool.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mospool.xyz/
Last updated: 2026-03-29