# rewards-sodex.xyz — MALICIOUS

> PhishDestroy identifies rewards-sodex.xyz as a credential theft site with crypto drainer tactics. Flagged by 5 of 95 VirusTotal vendors—avoid immediately.

## Summary
PhishDestroy identifies rewards-sodex.xyz as an active crypto drainer scam domain currently leveraging credential theft tactics to target victims. The domain is classified under the generic phishing threat type with elevated risk status, indicating ongoing malicious operations designed to deceive users into surrendering sensitive authentication data or cryptocurrency wallet credentials. This site should be treated as actively hazardous to visitors and avoided entirely.

This domain was flagged by 5 of 95 VirusTotal security vendors, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to IP address 188.114.96.3 and was created on February 09, 2026. The domain appears on 2 separate security blocklists and is blocked by MetaMask and SEAL. Despite having an SSL certificate issued by Google Trust Services, the combination of low trust metrics, early domain age, and high-risk categorization from multiple detection engines signals significant danger to potential visitors.

Given the confirmed malicious status, PhishDestroy strongly advises against any interaction with rewards-sodex.xyz. Users who may have already visited or entered information should disconnect from the site immediately, revoke any shared credentials, and scan connected devices for malware. Cryptocurrency wallet users should transfer assets to a new wallet with updated security settings. If this domain appears in unsolicited messages or affiliate links, report and block it to prevent further exposure. Stay vigilant—this domain is actively malicious and poses a direct threat to financial and personal security.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-09 12:30:31
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/05ec79be-9634-43a6-98bf-5b481326e8c1
- PhishDestroy: https://phishdestroy.io/domain/rewards-sodex.xyz/
- LLM endpoint: https://phishdestroy.io/domain/rewards-sodex.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rewards-sodex.xyz/
Last updated: 2026-03-27