# solana-qr.com — MALICIOUS — Crypto Drainer (Solana Drainer)

> Beware: solana-qr.com is a live crypto drainer impersonating Solana wallets. Verify on PhishDestroy before interacting. VT 0/95 detections as of Jan 2026.

## Summary
PhishDestroy identifies solana-qr.com as a high-risk domain actively hosting a Solana Drainer kit, a type of crypto-draining malware designed to steal funds from unsuspecting victims. This domain poses an immediate financial threat to users interacting with Solana-related services or wallets. The threat level is classified as high due to the specific nature of the drainer kit and the absence of detections on VirusTotal, which currently shows 0/95 flagged submissions.  This domain was flagged by PhishDestroy with the following technical indicators: it resolves to IP address 104.21.83.252 and was registered on January 09, 2026, through SOLLUTIUM LLC. The SSL certificate is issued by Google Trust Services, which does not inherently indicate legitimacy. Notably, VirusTotal shows no detections (0/95) as of the latest scan, suggesting it remains under the radar of many security vendors. The drainer kit in use is identified as the Solana Drainer, a known toolkit employed by threat actors to siphon cryptocurrency from compromised wallets.  To mitigate exposure to this threat, users are strongly advised to avoid interacting with solana-qr.com or any associated links. Verify the legitimacy of Solana-related websites and wallet interfaces by cross-referencing them on PhishDestroy or other trusted threat intelligence platforms. Additionally, ensure your wallet software is up to date and consider using hardware wallets for an added layer of security. If you suspect interaction with this domain, immediately transfer remaining assets to a secure wallet and revoke any unauthorized connections. Organizations should also block this domain and IP at the network perimeter to prevent potential compromise.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Solana Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Solana Drainer

## Domain Intelligence
- Registered: 2026-01-09 00:52:40
- Registrar: SOLLUTIUM LLC
- IP: 104.21.83.252

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2d82a621-0b0e-48e7-a666-ec9637b690b9
- PhishDestroy: https://phishdestroy.io/domain/solana-qr.com/
- LLM endpoint: https://phishdestroy.io/domain/solana-qr.com/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/solana-qr.com/
Last updated: 2026-03-23