# raydiumfixsol.live — SUSPICIOUS > Raydiumfixsol.live is a brand impersonation site flagged by 0 of 95 VirusTotal vendors. Avoid this crypto drainer impersonating Raydium. Investigate now. ## Summary PhishDestroy identifies raydiumfixsol.live as an active brand impersonation domain currently under investigation for mimicking Raydium, a prominent decentralized exchange on the Solana blockchain. This domain, registered recently, exhibits red flags consistent with crypto drainer operations designed to deceive users into connecting wallets or entering credentials under false pretenses. The threat remains unresolved and continues to resolve to infrastructure linked to malicious activity, warranting heightened vigilance from security teams and users alike. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it has not yet been widely recognized by automated detection systems. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP address 188.114.96.3, and was created on April 02, 2026. The domain utilizes a Let's Encrypt SSL certificate to enhance its appearance of legitimacy. Despite its low detection rate, the use of a trusted certificate issuer and recent registration date are common tactics employed by threat actors to increase credibility and bypass initial scrutiny. The current status of this domain remains active, with no immediate signs of takedown or remediation. Given the high-risk nature of brand impersonation in the cryptocurrency space—where a single interaction can result in irreversible financial loss—security teams are advised to block this domain at the network perimeter using DNS sinkholing or firewall rules. Users should be alerted through security awareness training to avoid interacting with unsolicited links or websites claiming to represent Raydium. Additionally, monitoring for connections to 188.114.96.3 and similar infrastructure is recommended to detect potential compromise. Immediate action includes updating threat intelligence feeds, reviewing web proxy logs for access to this domain, and reporting it to relevant abuse channels to accelerate remediation efforts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Raydium ## Domain Intelligence - Registered: 2026-04-02 11:54:33 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/raydiumfixsol.live - PhishDestroy: https://phishdestroy.io/domain/raydiumfixsol.live/ - LLM endpoint: https://phishdestroy.io/domain/raydiumfixsol.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/raydiumfixsol.live/ Last updated: 2026-04-04