# quests-yom.org — SUSPICIOUS > quests-yom.org identified as crypto drainer targeting victims via fake quests. Flagged by 2 of 95 VirusTotal vendors. Act now to block. ## Summary PhishDestroy identifies quests-yom.org as an active crypto drainer site involved in credential theft and cryptocurrency asset exfiltration. The domain is currently operational and poses an elevated risk to users engaging with it. This assessment is based on confirmed indicators across multiple threat intelligence platforms and security vendor detections. QuestDestroy confirms that quests-yom.org is a crypto drainer impersonating legitimate web3 platforms to deceive users into connecting their wallets. This domain was flagged by 2 of 95 VirusTotal security vendors, registered through Cloudflare, Inc., and resolves to IP address 188.114.97.3. The domain was created on December 01, 2025, and is currently blocked by SEAL, MetaMask, and ScamSniffer. It appears on 3 separate security blocklists and holds an SSL certificate issued by Google Trust Services, adding a veneer of legitimacy. These details highlight the domain's recent origin and its adoption of trusted infrastructure to bypass initial scrutiny. The domain remains active and continues to pose a credible threat to cryptocurrency users. Given the confirmed presence on three major blocklists and multiple vendor detections, organizations and individuals are strongly advised to block quests-yom.org at the network and endpoint levels. Users should avoid interacting with the domain or any associated URLs and should verify the authenticity of any web3 platform before connecting wallets or entering credentials. Implementing DNS filtering rules and updating threat intelligence feeds to include this domain are critical steps in preventing potential compromise. Additionally, reporting this domain to relevant crypto security platforms can aid in broader threat mitigation efforts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-12-01 13:13:28 - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 3 hits Lists: ["SEAL", "MetaMask", "ScamSniffer"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/92b624be-a81f-4489-8c33-fae8fd4978e5 - PhishDestroy: https://phishdestroy.io/domain/quests-yom.org/ - LLM endpoint: https://phishdestroy.io/domain/quests-yom.org/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/quests-yom.org/ Last updated: 2026-03-29