# pocketes.cyou — SUSPICIOUS > PhishDestroy identifies pocketes.cyou as a crypto drainer phishing site with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies pocketes.cyou as a live crypto drainer phishing domain designed to steal cryptocurrency from unwitting users. The site mimics a legitimate wallet interface and prompts victims to connect their crypto wallets or enter seed phrases, after which funds are drained within minutes. This is not a static scam page; it actively serves malicious JavaScript to harvest private keys and initiate unauthorized transactions. Anyone who visits should assume their assets are at immediate risk and revoke any connected wallet permissions immediately. This domain was flagged by PhishDestroy on January 12, 2026, shortly after creation. It resolves to IP address 188.114.97.3 and is registered through Gname.com Pte. Ltd., a registrar known for hosting high volumes of fraudulent domains. The site uses a Let’s Encrypt SSL certificate to appear legitimate, but this does not guarantee safety—SSL only confirms encrypted communication, not trustworthiness. At the time of analysis, VirusTotal shows 0 detections out of 95 scanners, indicating it is actively evading detection systems. If you visited pocketes.cyou, disconnect any connected wallets immediately using your wallet’s “Connected Apps” or “Revoke Access” feature. Do not interact with any prompts for seed phrases, private keys, or wallet connections. Scan your device with reputable antivirus (Malwarebytes, Windows Defender) and consider rotating wallet credentials. Report the domain to your wallet provider and local cybercrime units. Stay alert—new crypto drainers emerge daily, and even SSL certificates can’t protect you from malicious intent. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-12 08:46:06 - Registrar: Gname.com Pte. Ltd. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/pocketes.cyou - PhishDestroy: https://phishdestroy.io/domain/pocketes.cyou/ - LLM endpoint: https://phishdestroy.io/domain/pocketes.cyou/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pocketes.cyou/ Last updated: 2026-04-06