# solana-exploit-1tulhj24tv.edgeone.app — MALICIOUS — Crypto Drainer (Solana Drainer) > Beware: solana-exploit-1tulhj24tv.edgeone.app impersonates Solana with a crypto drainer. PhishDestroy verifies this 3/95 VT flagged threat. ## Summary PhishDestroy identifies solana-exploit-1tulhj24tv.edgeone.app as a high-risk crypto drainer kit actively impersonating the Solana brand. This domain (seed b688de) is designed to deceive users into connecting crypto wallets or entering private keys, enabling unauthorized asset transfers to attacker-controlled addresses. The threat is classified as a Solana Drainer, a specialized phishing toolkit that automates the theft of digital assets by tricking victims into signing malicious transactions. Users who interact with this domain risk losing all funds in connected wallets, with no recourse for recovery due to the irreversible nature of blockchain transactions. This domain was flagged by 3 out of 95 VirusTotal security vendors, indicating active detection by a minority of scanners while remaining undetected by others. It resolves to IP address 43.152.26.58, which is associated with malicious hosting infrastructure. The domain is served via a DigiCert SSL certificate, likely to appear legitimate, and is flagged by Google Safe Browsing under the SOCIAL_ENGINEERING category. While the exact creation date is not provided, the presence of a DigiCert certificate suggests recent deployment, as certificates are typically issued for active domains. The combination of low VirusTotal detection rates, active SOCIAL_ENGINEERING flagging, and the domain's impersonation of a major blockchain brand (Solana) elevates its risk profile to 'high.' Trust scores for this domain are critically low due to its active participation in crypto drainer campaigns. To mitigate exposure to this threat, users must immediately avoid interacting with solana-exploit-1tulhj24tv.edgeone.app or any links associated with it. If you have previously visited the domain, disconnect all wallets from the browser and revoke any wallet connections via your wallet's connection settings. Use PhishDestroy's verification tool to check for malicious domains before entering credentials or connecting wallets. Enable hardware wallet support or use transaction simulation tools to verify outgoing transactions before signing. Report this domain to Solana's official security channels and your wallet provider to prevent further exploitation. Always verify URLs for exact spelling and use bookmarks for official Solana domains to avoid typosquatting attacks. ## Threat Details - Verdict: MALICIOUS — Crypto Drainer (Solana Drainer) - Site status: unknown (HTTP ?) - Drainer type: Solana Drainer - Target brand: Solana ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 43.152.26.58 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/44e6e82b-9d26-4828-a047-666e89bf889c - PhishDestroy: https://phishdestroy.io/domain/solana-exploit-1tulhj24tv.edgeone.app/ - LLM endpoint: https://phishdestroy.io/domain/solana-exploit-1tulhj24tv.edgeone.app/llm.txt ## If You Visited This Site 1. Revoke all token approvals immediately (revoke.cash / unrekt.net) 2. Move remaining funds to a new wallet 3. Do not interact with any transactions from this site 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/solana-exploit-1tulhj24tv.edgeone.app/ Last updated: 2026-03-31