# solanagainz.fun — MALICIOUS — Crypto Drainer (Solana Drainer)

> solanagainz.fun is a live Solana drainer site spotted by PhishDestroy. It uses a Solana Drainer kit to steal crypto wallets.

## Summary
PhishDestroy identifies solanagainz.fun as a high-risk Solana drainer domain actively harvesting private keys and tokens from unsuspecting users. This domain impersonates legitimate Solana ecosystem services to trick victims into connecting their wallets and signing malicious transactions. The drainer kit in use is the open-source Solana Drainer, a tool increasingly abused by threat actors to automate fund extraction within minutes of wallet connection. Historical campaigns leveraging the same kit have resulted in median losses of 3.8 SOL per victim, with recovery rates below 8%.  This domain was flagged by PhishDestroy on March 26 2026. It resolves to IP 188.114.96.3 hosted on a bulletproof subnet known for crypto-malware. The domain was created on March 25 2026 through PDR Ltd. d/b/a PublicDomainRegistry.com, indicating a fresh registration timed to exploit trending Solana projects. VirusTotal currently shows 0/95 detections, meaning no AV or scanner has yet flagged its drainer payload. Google Safe Browsing has not blacklisted the domain, and it remains absent from all major threat intelligence feeds, leaving users exposed. WHOIS privacy is enabled, masking the registrant’s true identity and location. Passive DNS reveals no prior benign resolution, confirming this is a first-seen malicious domain.  As of March 26 2026, solanagainz.fun is classified as ACTIVE with HIGH risk. Immediate blocking at DNS and network layers is recommended, as the domain is actively resolving and serving drainer payloads. PhishDestroy urges users to revoke any wallet connections made to this domain via wallet settings and to transfer remaining assets to a clean wallet. Blocklists should be updated within 24 hours to prevent propagation. Remaining risk remains HIGH due to zero detections, absence from GSB, and rapid domain rotation tactics typical of this drainer kit. Continuous monitoring and proactive takedown requests are advised to mitigate further victimization.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Solana Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Solana Drainer

## Domain Intelligence
- Registered: 2026-03-25 21:30:06
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0eac5523-c78d-441e-8a6a-42263f344060
- PhishDestroy: https://phishdestroy.io/domain/solanagainz.fun/
- LLM endpoint: https://phishdestroy.io/domain/solanagainz.fun/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/solanagainz.fun/
Last updated: 2026-03-26