# mybex.info — SUSPICIOUS

> PhishDestroy flags mybex.info as a Bex Payments credential harvesting site. VT score 1/95. Check the full report.

## Summary
PhishDestroy identifies mybex.info as an active phishing domain registered on March 14, 2026, impersonating the Bex Payments crypto wallet service to harvest login credentials and cryptocurrency assets. This domain is leveraging a generic phishing threat vector with no known drainer kit signatures in public sandboxes. The domain mimics Bex Payments’ official branding and login interface to deceive users into entering sensitive wallet recovery phrases or seed phrases, which are immediately exfiltrated to attacker-controlled servers.


Technical analysis reveals this domain exhibits several red flags: it resolves to IP address 188.114.97.3, was registered through Tucows Domains Inc., and holds a valid SSL certificate issued by Let’s Encrypt. VirusTotal analysis shows only 1 out of 95 security vendors have flagged this domain, and the domain is not listed on Google Safe Browsing. Domain registration occurred on March 14, 2026, making it a very recent threat. Despite limited blocklist coverage, the behavioral indicators align with phishing campaigns targeting cryptocurrency users, particularly those using Bex Payments or similar wallet services.


At present, mybex.info remains active and unblocked by default in most security systems due to low detection coverage. Users who accessed this domain are advised to immediately revoke access to any connected wallets, change passwords used on the domain, and scan connected devices for malware. PhishDestroy recommends blocking this domain at the network level using the IP address 188.114.97.3 and domain mybex.info. Remaining risk is considered elevated due to active hosting, recent registration, and successful SSL certificate validation which may bypass browser warnings. Immediate takedown requests should be filed with the hosting provider and domain registrar while users are urged to exercise caution and verify all crypto-related URLs via official channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-14 12:41:17
- Registrar: Tucows Domains Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/mybex.info
- PhishDestroy: https://phishdestroy.io/domain/mybex.info/
- LLM endpoint: https://phishdestroy.io/domain/mybex.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mybex.info/
Last updated: 2026-04-09