# shm-syariah378.vip — SUSPICIOUS > shm-syariah378.vip detected as crypto drainer with 0/95 VirusTotal detections. Avoid visiting or connecting wallets to prevent fund loss. ## Summary PhishDestroy identifies shm-syariah378.vip as an active crypto drainer impersonating a Syariah-related service. This domain exhibits multiple red flags, including recent creation, low trust metrics, and hosting infrastructure linked to known malicious patterns. Users interacting with this domain risk unauthorized cryptocurrency transfers via compromised wallet connections. Immediate action is required to mitigate exposure. This domain was flagged with a risk level of under_investigation and resolved to IP 172.67.144.6. It was registered through Dominet (HK) Limited on March 23, 2026, and currently carries a VirusTotal detection ratio of 0/95. The domain utilizes a Let's Encrypt SSL certificate, which does not indicate trustworthiness. As of the latest scan, no blocklists or reputation engines flagged this domain, highlighting its novelty and potential for evasion. To mitigate risks, users must avoid visiting or interacting with shm-syariah378.vip entirely. If wallet connections were previously made, revoke permissions immediately via wallet settings or use tools like Revoke.cash. Block the domain at the network level using DNS filtering or firewall rules. Report the domain to cryptocurrency platforms and security vendors to aid in takedown efforts. Stay vigilant for brand impersonation tactics targeting financial or religious services. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-23 09:20:55 - Registrar: Dominet (HK) Limited - IP: 172.67.144.6 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/c15f8c6f-272a-4391-b3aa-f76e99b018c3 - PhishDestroy: https://phishdestroy.io/domain/shm-syariah378.vip/ - LLM endpoint: https://phishdestroy.io/domain/shm-syariah378.vip/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/shm-syariah378.vip/ Last updated: 2026-03-23