# slon--3at.ru — SUSPICIOUS

> PhishDestroy identifies slon--3at.ru as a crypto drainer domain flagged by 2 of 95 VirusTotal vendors since creation on 02-28-2026. Act now.

## Summary
PhishDestroy identifies slon--3at.ru as an active crypto drainer domain designed to trick visitors into unknowingly transferring cryptocurrency to attacker-controlled wallets. This domain mimics legitimate crypto platforms to deceive users during transactions, particularly those involving token swaps or wallet connections. Unsuspecting visitors may authorize malicious smart contracts that drain funds directly from connected wallets without additional confirmation, leading to irreversible financial losses. The site exploits trust in crypto infrastructure by using familiar branding elements or promises of exclusive opportunities. 

This domain was flagged by PhishDestroy using multiple threat intelligence sources, including VirusTotal where 2 out of 95 security vendors detected malicious activity. Technical analysis reveals the domain was registered through REGRU-RU on February 28, 2026, and resolves to IP address 205.185.113.136. The domain uses a Let's Encrypt SSL certificate to appear legitimate, a common tactic to bypass browser security warnings. The low detection rate at initial flagging (2/95) suggests either recent activation or evasion techniques to avoid immediate detection. 

If you visited slon--3at.ru, immediately disconnect your wallet from any dApps or websites you interacted with on this domain. Revoke any unauthorized token approvals through your wallet’s interface or tools like revoke.cash. Transfer remaining funds to a new wallet with a different seed phrase. Monitor your transaction history for unauthorized transfers and consider reporting the incident to your wallet provider and relevant cryptocurrency authorities. Do not reuse passwords or wallet recovery phrases anywhere else. For future protection, use hardware wallets for large transactions and verify URLs through official project channels before any interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-28 01:48:20
- Registrar: REGRU-RU
- IP: 205.185.113.136

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/352dbbe7-2387-4a7d-8e72-f2f94a8a05f9
- PhishDestroy: https://phishdestroy.io/domain/slon--3at.ru/
- LLM endpoint: https://phishdestroy.io/domain/slon--3at.ru/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slon--3at.ru/
Last updated: 2026-03-28