# pb-consult.services — SUSPICIOUS > Beware: pb-consult.services impersonates a crypto drainer site with 0/95 VirusTotal detections. Verify URLs using PhishDestroy’s real-time scanner before. ## Summary PhishDestroy identifies pb-consult.services as a newly active crypto drainer scam designed to siphon cryptocurrency from unsuspecting victims. This domain, registered on January 30, 2026, through GoDaddy.com, LLC, has yet to be flagged by traditional security tools despite its malicious intent. VirusTotal currently reports 0 detections out of 95 engines, indicating a stealthy operation that evades immediate recognition. The SSL certificate issued by Google Trust Services may lend an air of legitimacy, but its recent creation and minimal detection rate raise significant red flags for security teams and end users alike. Technical indicators point to a high-risk infrastructure hosted at IP address 188.114.97.3, a known hotspot for fraudulent activities. This domain represents a critical threat due to its specific focus on cryptocurrency theft. Crypto drainers are specialized malware that automatically transfer funds from a victim’s wallet to the attacker’s address once a transaction is initiated, often without the user’s knowledge. The lack of AV detections suggests the threat actor is employing evasion tactics, such as rapidly changing payloads or leveraging newly registered domains to bypass blacklists. With no blacklist entries as of yet, proactive monitoring is essential to prevent financial losses. The combination of a freshly minted domain, a legitimate-looking SSL certificate, and a suspicious IP association creates a perfect storm for deception, particularly targeting users engaged in crypto transactions or DeFi activities. Users who have visited pb-consult.services should take immediate action to secure their assets and devices. First, disconnect any wallets or applications from the internet and transfer remaining funds to a clean wallet if possible. Next, scan all devices that accessed the domain using updated antivirus and anti-malware tools, as crypto drainers often deliver secondary payloads. Finally, report the domain to PhishDestroy and local cybersecurity authorities to aid in takedown efforts. This domain remains under investigation, but its low detection rate and recent activity underscore the need for heightened vigilance. Always verify URLs through trusted sources like PhishDestroy before entering sensitive information or initiating transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-30 13:28:16 - Registrar: GoDaddy.com, LLC - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/pb-consult.services - PhishDestroy: https://phishdestroy.io/domain/pb-consult.services/ - LLM endpoint: https://phishdestroy.io/domain/pb-consult.services/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pb-consult.services/ Last updated: 2026-04-10