# pc.gomarketssvip.cc — MALICIOUS > PhishDestroy identifies pc.gomarketssvip.cc as an active crypto drainer impersonating legitimate brands. ## Summary PhishDestroy analysts have identified pc.gomarketssvip.cc as a recently activated crypto drainer domain designed to deceive users into connecting fraudulent cryptocurrency wallets. This domain mimics legitimate brand names to lure victims into authorizing malicious transactions, a tactic commonly associated with cryptocurrency theft. The threat actor behind this campaign employs a generic drainer kit that executes unauthorized transfers upon wallet connection, posing significant financial risk to unsuspecting users. Technical indicators confirm this domain’s malicious nature. Registered on October 02, 2025, through Gname.com Pte. Ltd., pc.gomarketssvip.cc resolves to IP address 172.67.166.123 and is secured with a Google Trust Services SSL certificate. VirusTotal analysis reveals a detection rate of 12/95 security vendors, while this domain remains unlisted in Google Safe Browsing (GSB) at the time of analysis. These metrics highlight a growing but still emerging threat with limited but increasing recognition across security platforms. This domain remains active as of the latest assessment and continues to pose an elevated risk to cryptocurrency users. PhishDestroy recommends immediate avoidance and blocking of pc.gomarketssvip.cc. Users who may have interacted with this domain should disconnect wallets, revoke any unauthorized permissions, and report the incident to their platform and local cybercrime authorities. While the current detection rate is moderate, the domain’s recent creation and active status suggest rapid evolution, warranting heightened vigilance and proactive threat mitigation. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-10-02 05:58:03 - Registrar: Gname.com Pte. Ltd. - IP: 172.67.166.123 ## Detection Status - VirusTotal: 12 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/726095e5-08fe-4c81-93a1-768f27248065 - PhishDestroy: https://phishdestroy.io/domain/pc.gomarketssvip.cc/ - LLM endpoint: https://phishdestroy.io/domain/pc.gomarketssvip.cc/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pc.gomarketssvip.cc/ Last updated: 2026-03-23