# overdrive.ws — SUSPICIOUS

> PhishDestroy identifies overdrive.ws as a crypto drainer domain first detected on April 7. VirusTotal shows 0/95 engines flagged this active credential theft.

## Summary
PhishDestroy has flagged the domain overdrive.ws as a live crypto drainer portal designed to steal cryptocurrency wallet credentials. When users land on the site they are shown a fake login page that mimics a legitimate cryptocurrency platform, tricking visitors into entering their wallet recovery phrases or private keys. Any information submitted is immediately harvested and used to drain connected wallets without the victim’s consent, leading to irreversible financial losses.  This domain was added to PhishDestroy’s watchlist on discovery after VirusTotal returned 0 detections out of 95 engines, meaning no antivirus or security tool currently recognizes the page as malicious. The domain was registered on April 7 at Dynadot and resolves to IP 109.120.156.136 using a Let’s Encrypt SSL certificate—tactics attackers use to appear legitimate and gain user trust.  If you visited overdrive.ws, disconnect from the internet, clear browser cache and cookies, and scan your device with updated antivirus software. Never re-enter credentials or recovery phrases after visiting the site, and consider transferring remaining funds to a new wallet via a secure device. Report the domain to your local cybercrime unit and share the URL with PhishDestroy’s takedown team to help protect others.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-07 11:49:42
- Registrar: Dynadot
- IP: 109.120.156.136

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/overdrive.ws
- PhishDestroy: https://phishdestroy.io/domain/overdrive.ws/
- LLM endpoint: https://phishdestroy.io/domain/overdrive.ws/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/overdrive.ws/
Last updated: 2026-04-07