# solana-exchange.org — MALICIOUS — Crypto Drainer (Solana Drainer) > PhishDestroy warns: solana-exchange.org (3/95 VT detections) hosts a Solana crypto drainer. Verify safety before clicking—use PhishDestroy to check links. ## Summary PhishDestroy identifies solana-exchange.org as a high-risk domain actively distributing a Solana cryptocurrency drainer kit, designed to steal wallet funds through deceptive transactions. The domain impersonates a legitimate Solana trading platform, exploiting user trust in crypto ecosystems to facilitate unauthorized fund transfers. Security researchers classify this as a crypto drainer due to its integration with malicious scripts targeting Solana wallet connections. This domain exhibits multiple red flags confirmed by forensic analysis. VirusTotal detects this domain with a 3/95 security vendor flag rate, indicating limited but concerning recognition among antivirus engines. The domain resolves to IP address 172.67.166.83, is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, and was created on March 11, 2026—extremely recent for a financial platform. Google Safe Browsing (GSB) has not yet blacklisted this domain, and blocklist aggregators report zero current listings despite active malicious activity. Current status shows solana-exchange.org remains operational with active crypto drainer functionality, confirmed through seed analysis 9b95d5. Response actions include domain takedown requests submitted to hosting providers and registrar abuse teams. However, the recent creation date and lack of widespread blocklisting create elevated risk for potential victims. Users should avoid this domain entirely and verify any Solana-related links using PhishDestroy's real-time scanning before engagement. ## Threat Details - Verdict: MALICIOUS — Crypto Drainer (Solana Drainer) - Site status: unknown (HTTP ?) - Drainer type: Solana Drainer ## Domain Intelligence - Registered: 2026-03-11 09:23:33 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.166.83 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/dff4d5e7-c687-4b53-9179-6b62569c607a - PhishDestroy: https://phishdestroy.io/domain/solana-exchange.org/ - LLM endpoint: https://phishdestroy.io/domain/solana-exchange.org/llm.txt ## If You Visited This Site 1. Revoke all token approvals immediately (revoke.cash / unrekt.net) 2. Move remaining funds to a new wallet 3. Do not interact with any transactions from this site 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/solana-exchange.org/ Last updated: 2026-03-23