# phantomcard.icu — MALICIOUS — Crypto Drainer (Solana Drainer)

> Phantomcard.icu is a high-risk Solana crypto drainer domain with 0/95 VirusTotal detections. Block immediately and warn users of crypto theft risks.

## Summary
PhishDestroy identifies phantomcard.icu as an active crypto drainer domain impersonating Phantom crypto wallet services. This domain employs a Solana Drainer kit designed to siphon cryptocurrency from unsuspecting victims by mimicking legitimate Phantom wallet interfaces or related crypto services. The drainer kit specifically targets users familiar with Phantom wallet transactions, exploiting their trust to facilitate unauthorized fund transfers.


This domain was flagged with exact technical indicators including 0 detections on VirusTotal out of 95 engines (last scanned March 2026), registered through Global Domain Group LLC on March 23, 2026, and resolving to IP address 188.114.96.3. Let’s Encrypt issued its SSL certificate, indicating an attempt to appear legitimate. Despite zero VirusTotal detections, the domain remains unlisted on Google Safe Browsing (GSB) and has not yet been widely blocked by threat intelligence platforms, making it a latent but active threat.


Phantomcard.icu is currently active and poses a high risk to cryptocurrency users, particularly those interacting with Phantom wallet ecosystems. Immediate response is required: block the domain at DNS and network levels, flag the SSL certificate, and update endpoint protection rules. Users should be warned to avoid the domain entirely and verify all crypto transaction links via official Phantom channels. While remediation is possible through proactive blocking, the absence of current blocklist coverage means undetected exposure remains. Continuous monitoring and rapid threat intelligence dissemination are essential to mitigate ongoing theft attempts.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Solana Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Solana Drainer

## Domain Intelligence
- Registered: 2026-03-23 00:58:11
- Registrar: Global Domain Group LLC
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/21aab074-eff8-469e-9756-d1c7e11ea461
- PhishDestroy: https://phishdestroy.io/domain/phantomcard.icu/
- LLM endpoint: https://phishdestroy.io/domain/phantomcard.icu/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/phantomcard.icu/
Last updated: 2026-03-23