# river-s4.icu — SUSPICIOUS > river-s4.icu exposed as a crypto drainer scam. Only 2 of 95 VirusTotal vendors flagged it since creation on March 20, 2026. Block immediately. ## Summary PhishDestroy identifies river-s4.icu as an active crypto drainer designed to trick users into connecting cryptocurrency wallets and unknowingly approve malicious token transfers. This domain was flagged with certainty after VirusTotal analysis revealed just 2 out of 95 security vendors detected it as malicious. The domain itself was registered on March 20, 2026 through PDR Ltd. d/b/a PublicDomainRegistry.com and resolves to IP address 188.114.97.3. A Let’s Encrypt SSL certificate has been provisioned, lending false legitimacy. The low detection rate and recent registration window suggest this campaign is either newly launched or carefully evading detection. If you visited river-s4.icu: Do not connect any wallets or enter any credentials. Disconnect immediately if a wallet connection was attempted. Clear browser cache and cookies, then run a full antivirus scan. Report the domain to your IT team or security provider. If cryptocurrency was involved, contact your wallet provider and local cybercrime unit immediately. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-20 21:34:38 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 188.114.97.3 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/9e676954-c572-47fa-8604-76e3ccec89e8 - PhishDestroy: https://phishdestroy.io/domain/river-s4.icu/ - LLM endpoint: https://phishdestroy.io/domain/river-s4.icu/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/river-s4.icu/ Last updated: 2026-03-23