# raydium-solana.network — MALICIOUS — Crypto Drainer (Solana Drainer)

> The domain raydium-solana.network poses a high crypto drainer threat. Avoid using it and ensure your Solana assets remain secure.

## Summary
PhishDestroy identifies raydium-solana.network as a high-risk crypto drainer targeting users by impersonating the Solana brand. The domain's primary threat lies in its capability to siphon cryptocurrency funds, emphasizing the significant danger it poses to digital asset holders.

Supporting evidence includes the domain’s registration date of February 21, 2026, through NiceNIC International Group Co., Limited, and its resolution to IP 104.21.8.11. It is linked to a Solana Drainer kit and appears on two security blocklists, with 18 out of 95 VirusTotal vendors flagging it, underscoring its malicious infrastructure and intent. The domain’s page title, “Raydium,” is a known Solana-associated platform, used here to deceive users.

Currently, the domain is offline, limiting immediate risk, yet users should remain vigilant and avoid any interaction with this site. It is crucial to verify URLs carefully and employ updated security tools to prevent compromises associated with crypto drainers like this one, especially when dealing with assets tied to Solana.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Solana Drainer)
- Site status: dead (HTTP 403)
- Drainer type: Solana Drainer
- Target brand: Solana
- Page title: Raydium

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2026-08-11 00:00:00
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.8.11
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["lynn.ns.cloudflare.com", "walk.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019be43f-65c8-746d-8e5e-da162c9f77e8.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/55878dd4-e943-433a-943e-b437a12e42b4
- Wayback Machine: https://web.archive.org/web/https://raydium-solana.network
- PhishDestroy: https://phishdestroy.io/domain/raydium-solana.network/
- LLM endpoint: https://phishdestroy.io/domain/raydium-solana.network/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/raydium-solana.network/
Last updated: 2026-03-19