# opgmoney.sbs — SUSPICIOUS

> Beware: opgmoney.sbs is a crypto drainer phishing domain detected on March 23, 2026. Only 0 out of 95 VirusTotal engines flagged it—verify safety on.

## Summary
PhishDestroy identifies opgmoney.sbs as a recently emerged crypto drainer posing under the guise of a financial service. This domain was flagged on March 23, 2026, shortly after registration through NICENIC INTERNATIONAL GROUP CO., LIMITED, and currently resolves to the IP address 104.21.15.184. Notably, VirusTotal’s detection rate remains critically low at 0 out of 95, suggesting minimal exposure in automated scans despite its malicious intent.  Evidence supporting the malicious nature of opgmoney.sbs includes its recent creation date, the use of a Let’s Encrypt SSL certificate to appear legitimate, and its association with a registrar known for facilitating questionable registrations. The domain’s infrastructure aligns with tactics commonly leveraged by cryptocurrency drainers, which aim to trick users into connecting wallets or entering private keys. As of this report, the domain has not yet been widely blacklisted, underscoring the urgency for proactive user vigilance.  If you’ve accessed opgmoney.sbs or entered any credentials or wallet connections, disconnect from the site immediately and revoke any unauthorized permissions in your wallet or exchange settings. Run a scan using PhishDestroy’s latest threat database to verify the domain’s safety status. Avoid interacting with this domain further, and report any suspicious transactions or interactions to your platform’s security team. Stay cautious—crypto drainers often mimic legitimate financial services to exploit user trust.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-23 08:48:46
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.15.184

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1e4efdef-0ee3-4fa2-bbeb-828dba3936a2
- PhishDestroy: https://phishdestroy.io/domain/opgmoney.sbs/
- LLM endpoint: https://phishdestroy.io/domain/opgmoney.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/opgmoney.sbs/
Last updated: 2026-03-23