# rewards-gala.xyz — SUSPICIOUS > PhishDestroy identifies rewards-gala.xyz as a crypto drainer impersonating a rewards gala. Domain has 0/95 VirusTotal detections. Avoid interaction. ## Summary PhishDestroy identifies rewards-gala.xyz as an active crypto drainer campaign designed to trick users into connecting cryptocurrency wallets under the guise of a rewards gala event. The domain resolves to IP 188.114.96.3 and was registered through PDR Ltd. d/b/a PublicDomainRegistry.com on March 21, 2026. The site uses a valid Let's Encrypt SSL certificate to appear legitimate, suggesting attackers prioritize evasion and user trust-building. With 0 detections on VirusTotal out of 95 scanners, this domain remains undetected by most automated security tools, increasing the risk of successful compromise for unsuspecting visitors. This domain exhibits multiple red flags consistent with active cryptocurrency drainer operations. The use of a recently registered domain (March 21, 2026), single-purpose infrastructure, and SSL certificate procurement within hours of domain creation indicate a coordinated, time-sensitive campaign. The absence of detections on VirusTotal (0/95) suggests either a very recent deployment or highly evasive techniques such as fast-flux hosting or dynamic IP rotation. While the registrar (PDR Ltd.) is legitimate, the domain's age and purpose strongly correlate with malicious intent. Users should treat any interaction—especially wallet connections—as high-risk. If you visited rewards-gala.xyz, immediately disconnect your wallet from any connected websites. Revoke any token approvals via your wallet interface or blockchain explorer. Do not enter any personal information or cryptocurrency wallet details. Clear browser cache and cookies, then run a full antivirus scan. Report the domain to your wallet provider, relevant blockchain security platforms (e.g., ScamAdviser, Etherscan token approval revocation tools), and local cybercrime units. Monitor wallet transactions closely for unauthorized activity. This domain remains active and undetected—treat it as compromised until further intelligence emerges. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-21 17:50:13 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/1beb9867-f83d-423f-a8ef-8acaab14990a - PhishDestroy: https://phishdestroy.io/domain/rewards-gala.xyz/ - LLM endpoint: https://phishdestroy.io/domain/rewards-gala.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/rewards-gala.xyz/ Last updated: 2026-03-23