# solana-launchpad.com — MALICIOUS — Crypto Drainer (Solana Drainer) > PhishDestroy identifies solana-launchpad.com as a live Solana crypto drainer domain with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies solana-launchpad.com as a recently activated Solana crypto drainer domain designed to siphon cryptocurrency assets from unsuspecting victims. The threat actor leverages the domain’s branding to impersonate legitimate Solana launchpad services, tricking users into connecting their wallets to a malicious drainer kit. This kit, identified as the Solana Drainer, is a notorious toolkit capable of draining SPL tokens, NFTs, and SOL balances directly from connected wallets. The operational window for this campaign appears strikingly brief, with the domain only registered on September 23, 2025, yet already hosting active malicious infrastructure. The domain resolves to a single IP address, 188.114.96.3, and is currently secured with an SSL certificate issued by Google Trust Services, a tactic commonly used to lend legitimacy to malicious sites. VirusTotal assessments show the domain has evaded detection entirely, with 0/95 engines flagging it at the time of writing. This domain was registered through PDR Ltd. d/b/a PublicDomainRegistry.com, a registrar known for accommodating bulk malicious registrations. PhishDestroy’s telemetry indicates the domain remains unlisted on major threat intelligence feeds, amplifying the risk of undetected compromise. This low-profile deployment strategy, combined with recent registration, suggests an evasion-first approach by the threat actor, likely targeting high-value cryptocurrency users during active market conditions. This domain is currently categorized as HIGH RISK due to its direct involvement in cryptocurrency theft campaigns and its use of deceptive branding targeting Solana ecosystem participants. Immediate defensive actions include blocking the domain at the DNS and network levels, isolating associated IP ranges, and distributing IOCs to SOC teams for proactive hunting. Given the domain’s recent activation and zero detection rate, it represents a critical blind spot in current threat intelligence. Users should be warned against interacting with this domain or any related infrastructure. While blocking and monitoring are immediate priorities, long-term mitigation requires strengthening wallet security practices and user education on verifying legitimate platform URLs. The threat actor’s rapid deployment and SSL certification demonstrate operational sophistication, necessitating heightened vigilance across monitoring systems to prevent successful asset exfiltration. ## Threat Details - Verdict: MALICIOUS — Crypto Drainer (Solana Drainer) - Site status: unknown (HTTP ?) - Drainer type: Solana Drainer ## Domain Intelligence - Registered: 2025-09-23 00:12:08 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/20ef9e03-5ce0-4bfe-8197-db1e68d9e2aa - PhishDestroy: https://phishdestroy.io/domain/solana-launchpad.com/ - LLM endpoint: https://phishdestroy.io/domain/solana-launchpad.com/llm.txt ## If You Visited This Site 1. Revoke all token approvals immediately (revoke.cash / unrekt.net) 2. Move remaining funds to a new wallet 3. Do not interact with any transactions from this site 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/solana-launchpad.com/ Last updated: 2026-03-25