# njzq1.cish31dmkad.com — MALICIOUS > njzq1.cish31dmkad.com is a confirmed crypto drainer scam targeting unsuspecting users. Verify this malicious domain on PhishDestroy before engaging – risk. ## Summary This domain, njzq1.cish31dmkad.com, has been identified as a crypto drainer scam site designed to steal cryptocurrency assets from victims. The threat involves a malicious domain mimicking legitimate services to trick users into connecting crypto wallets, where funds are then drained without authorization. No specific brand impersonation was detected in this campaign, suggesting a standalone operation focused on exploiting wallet connectivity for financial theft. njzq1.cish31dmkad.com exhibits multiple red flags aligning with active phishing infrastructure. The domain was registered on March 24, 2026, through GoDaddy.com, LLC, and resolves to IP address 67.211.71.81. Security analysis via VirusTotal shows 14 out of 95 vendors flagged this domain as malicious, while Google Safe Browsing (GSB) has not yet assigned a classification status. Additionally, the domain is currently blocked by two major security blocklists, OpenPhish and PhishingArmy, indicating widespread recognition as a threat. The use of a Sectigo Limited SSL certificate further attempts to lend false legitimacy to the site. As of current assessment, njzq1.cish31dmkad.com remains active and poses an elevated risk to users. Security vendors have initiated blocking actions, but the domain continues to operate undetected by GSB, leaving a window for potential exposure. Immediate caution is advised for anyone interacting with this domain. Users are strongly encouraged to verify the legitimacy of any crypto-related domain through PhishDestroy or similar threat intelligence platforms before proceeding with any wallet connections or transactions. The risk remains significant due to the domain’s active status and infrastructure designed specifically for financial exploitation. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-24 14:30:34 - Registrar: GoDaddy.com, LLC - IP: 67.211.71.81 ## Detection Status - VirusTotal: 14 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["OpenPhish", "PhishingArmy"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/05d76077-26ba-4e12-a42b-541380311aa1 - PhishDestroy: https://phishdestroy.io/domain/njzq1.cish31dmkad.com/ - LLM endpoint: https://phishdestroy.io/domain/njzq1.cish31dmkad.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/njzq1.cish31dmkad.com/ Last updated: 2026-03-29