# shibprotocol.com — SUSPICIOUS > Domain shibprotocol.com is a suspected crypto drainer impersonating Sei blockchain, with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies shibprotocol.com as an active brand impersonation domain masquerading as the Sei blockchain ecosystem to distribute crypto drainer malware. The domain is configured to mimic Sei’s branding to deceive users into connecting wallets or entering credentials under the false pretense of accessing official Sei services. No known drainer kit artifacts were publicly available at the time of analysis, but the site’s structure and SSL configuration suggest it is part of a broader impersonation campaign targeting Sei users seeking yield opportunities or protocol access. Domain shibprotocol.com was registered on August 22, 2024, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolves to IP address 172.67.212.150. VirusTotal currently reports 0 out of 95 detection engines flagging the domain, indicating it remains under the radar of most security vendors. The site holds a valid SSL certificate issued by Google Trust Services, which may be used to enhance credibility and bypass browser warnings. At present, the domain has not been added to major blocklists, including Google Safe Browsing (GSB), which continues to pose a risk to unsuspecting visitors. This domain is currently classified as active and under investigation, with no confirmed takedown or block implemented. PhishDestroy advises users to avoid interacting with shibprotocol.com and verify any Sei-related domains using official channels. The lack of detections and recent registration date suggest an evolving threat that could escalate if left unaddressed. Users are urged to report this domain and exercise caution when accessing blockchain platforms to prevent wallet compromise or credential theft. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Sei ## Domain Intelligence - Registered: 2024-08-22 17:52:37 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.212.150 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e420d1f8-2b0d-4087-80ca-e9752961bd84 - PhishDestroy: https://phishdestroy.io/domain/shibprotocol.com/ - LLM endpoint: https://phishdestroy.io/domain/shibprotocol.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/shibprotocol.com/ Last updated: 2026-03-27