# shadowmint.cc — SUSPICIOUS

> Beware: shadowmint.cc is a crypto drainer stealing funds via fake crypto services. 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies shadowmint.cc as an active crypto drainer designed to steal cryptocurrency from unwitting victims by posing as a legitimate service. This domain operates a malicious web application that surreptitiously drains funds from connected wallets under the guise of transactions or airdrops, leveraging deceptive UI elements and fake transaction confirmations to trick users into approving unauthorized transfers.  shadowmint.cc was registered through NAMECHEAP INC on March 26, 2026, using a Let's Encrypt SSL certificate to appear legitimate. Despite zero detections on VirusTotal out of 95 scanners, this domain has not yet been widely flagged by security vendors. Creation within the past 48 hours combined with zero detections suggests it is a newly active campaign. The IP address 188.114.97.3 is associated with multiple low-reputation domains and is known to host malicious web services, further supporting its classification as a fraudulent crypto drainer.  Users who visited shadowmint.cc should immediately disconnect any connected crypto wallets, revoke permissions via blockchain tools such as Etherscan or Solscan, and monitor their transaction history for unauthorized transfers. Do not approve any transactions or sign messages from this domain. Report this site to PhishDestroy immediately and clear browser cache. If funds were stolen, file a report with local cybercrime units and your wallet provider with transaction hashes. Always verify domains using PhishDestroy before engaging with cryptocurrency platforms.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-26 18:44:20
- Registrar: NAMECHEAP INC
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/df0a1509-8e21-4913-be1c-fbfefe37b26c
- PhishDestroy: https://phishdestroy.io/domain/shadowmint.cc/
- LLM endpoint: https://phishdestroy.io/domain/shadowmint.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/shadowmint.cc/
Last updated: 2026-03-28