# scanclaw.pro — SUSPICIOUS > scanclaw.pro is a crypto wallet drainer impersonating a generic login portal. Verify safety on PhishDestroy after its 0/95 VirusTotal detections. ## Summary scanclaw.pro has been flagged for hosting a crypto wallet drainer, a malicious tool designed to steal cryptocurrency from unsuspecting users. This threat is classified as a high-risk generic phishing attack, with the domain specifically engineered to deceive users into connecting their crypto wallets under false pretenses. The operation behind this site is likely automated, targeting victims through social engineering tactics such as fake giveaways, fraudulent airdrops, or spoofed login pages for popular crypto services. Given the active nature of the domain and its recent creation, users are strongly advised to avoid any interaction with this URL to prevent financial loss. PhishDestroy identifies scanclaw.pro as a newly emerged cyber threat, with its technical footprint revealing several red flags. The domain was registered through Global Domain Group LLC on April 04, 2026, and resolves to IP address 170.75.167.42. VirusTotal currently reports 0 out of 95 detections, indicating that mainstream antivirus engines have not yet flagged its malicious payload. The domain utilizes a Let's Encrypt SSL certificate, which adds a veneer of legitimacy but does not guarantee safety. Despite its clean VirusTotal score, the domain’s recent registration date and lack of historical data on blocklists suggest it is still in the early stages of deployment, making it a moving target for detection systems. Trust scores for this domain are currently nonexistent or critically low, as it has not been vetted by reputable security platforms. Mitigation steps for this crypto wallet drainer threat are critical to prevent irreversible financial damage. Users should immediately cease any interaction with scanclaw.pro, including avoiding clicks on links shared via email, social media, or messaging platforms. If a wallet connection was attempted, disconnect it immediately using wallet-specific security features, such as revoking permissions in MetaMask or other wallet interfaces. For organizations or individuals who may have fallen victim, report the incident to local cybercrime units and cryptocurrency recovery services, as funds sent to drainer addresses are often irrecoverable. Additionally, monitor connected wallets and revoke any suspicious smart contract approvals to limit potential exposure. PhishDestroy recommends verifying any unfamiliar domain through its real-time threat database before proceeding with transactions or login attempts to mitigate the risk of falling prey to similar attacks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-04 01:17:49 - Registrar: Global Domain Group LLC - IP: 170.75.167.42 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/scanclaw.pro - PhishDestroy: https://phishdestroy.io/domain/scanclaw.pro/ - LLM endpoint: https://phishdestroy.io/domain/scanclaw.pro/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/scanclaw.pro/ Last updated: 2026-04-07