# shushi---cdn-swap.webflow.io — MALICIOUS

> PhishDestroy identifies active SushiSwap phishing on shushi---cdn-swap.webflow.io. 17/95 security vendors flag this domain. Check the full report.

## Summary
PhishDestroy identifies an active SushiSwap phishing campaign hosted at shushi---cdn-swap.webflow.io that mimics the legitimate SushiSwap interface to steal cryptocurrency and credentials. The fraudulent site displays a page title identical to the official SushiSwap swap interface and uses a Webflow.io subdomain to appear legitimate. This domain is designed to deceive users into connecting wallets or entering seed phrases, resulting in direct fund theft or account compromise. Users attempting to swap tokens on what appears to be a familiar interface are actually interacting with a malicious clone that logs all input data and forwards transactions to attacker-controlled addresses.


This domain was flagged by 17 out of 95 VirusTotal security vendors as malicious, resolving to IP 104.18.36.248 via Google Trust Services SSL. The page title 'Swap | Sushi' closely mimics the legitimate SushiSwap interface, increasing the likelihood of user deception. While the exact creation date of the domain is not publicly available, its active status and consistent malicious detection indicate a recently deployed threat. The domain remains accessible as of the latest analysis, with no evidence of takedown or remediation.


If you visited or used shushi---cdn-swap.webflow.io, immediately disconnect your wallet and revoke any connected permissions through your wallet’s interface or reputable revocation tools such as revoke.cash. Do not enter any credentials or seed phrases. Scan your device with updated antivirus software and consider transferring remaining funds to a new wallet with a unique seed phrase. Report the domain to your wallet provider and consider filing a complaint with relevant cybercrime authorities. Always verify URLs and use official bookmarks or trusted sources before interacting with cryptocurrency platforms.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP ?)
- Page title: Swap | Sushi

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 17 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e359a8c4-fd55-46f6-9f26-11bde233d754
- PhishDestroy: https://phishdestroy.io/domain/shushi---cdn-swap.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/shushi---cdn-swap.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/shushi---cdn-swap.webflow.io/
Last updated: 2026-04-13