# slokn8.cc — SUSPICIOUS

> slokn8.cc exposed: cryptocurrency drainer scam uncovered. VirusTotal 2/95 detections. Check the full report.

## Summary
PhishDestroy identifies slokn8.cc as an active cryptocurrency drainer scam site. The domain poses as a legitimate digital asset service, luring victims into connecting wallets to steal funds. No specific brand is mimicked in current telemetry, suggesting opportunistic targeting. Drainer kit functionality includes transaction simulation, fund siphoning via wallet signature requests, and fake transaction confirmations. The domain resolves to IP 141.98.234.104 and employs a Let's Encrypt SSL certificate, enhancing deceptive legitimacy.

Technical indicators confirm elevated risk: VirusTotal detection ratio is 2/95 security vendors as of seed 356ec3. The domain was registered on February 19, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. According to available blocklist telemetry, slokn8.cc remains unlisted on Google Safe Browsing (GSB status: clean) and shows no entries in major threat intelligence feeds. Creation date and registrar details align with recent threat actor TTPs favoring short-lived disposable domains.

slokn8.cc remains ACTIVE and is currently serving malicious content. Immediate response includes domain blocking at network and endpoint levels. Users are advised to avoid interaction and report the domain to threat intelligence platforms. Despite limited vendor detection, the domain’s technical profile supports elevated risk classification. Remaining risk includes ongoing campaign activity and potential expansion to additional malicious infrastructure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-19 11:21:41
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 141.98.234.104

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6b71faa3-5129-4fa8-8f9d-f5930e8872db
- PhishDestroy: https://phishdestroy.io/domain/slokn8.cc/
- LLM endpoint: https://phishdestroy.io/domain/slokn8.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slokn8.cc/
Last updated: 2026-03-28