# src-uniswap.org — MALICIOUS

> Beware of src-uniswap.org, a high-risk crypto drainer flagged for social engineering. Learn why this domain was taken offline to protect your assets.

## Summary
PhishDestroy has detected src-uniswap.org as a malicious domain classified under crypto drainer threats. The domain was designed to deceive users by impersonating a legitimate Uniswap service, aiming to steal cryptocurrency assets through fraudulent means. This categorization highlights its intent to exploit users in the crypto space by draining wallets and harvesting sensitive information.

Analysis reveals src-uniswap.org was created recently on February 21, 2026. Technical scans show it was flagged by 14 out of 95 security vendors on VirusTotal and appeared on three separate security blocklists. Google Safe Browsing categorizes it as a social engineering threat, indicating phishing tactics employed to manipulate victims into divulging private keys or authorizing unauthorized transactions. The domain infrastructure and naming closely mimic trusted crypto platforms to enhance its deceptive appeal.

Currently, src-uniswap.org has been taken offline, removing immediate risk to users. PhishDestroy continues to monitor related activity and advises caution around similar domains. Users are encouraged to verify URLs carefully and remain vigilant against social engineering scams targeting cryptocurrency holdings.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Uniswap

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dynadot LLC
- Country: US
- IP: 172.67.191.35
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["nola.ns.cloudflare.com", "titan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Seclookup", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199cdd4-186d-779d-a3b0-ef467c8f227f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/ea20ca4c-c5d9-41a4-bef5-c35a1e29fdf6
- PhishDestroy: https://phishdestroy.io/domain/src-uniswap.org/
- LLM endpoint: https://phishdestroy.io/domain/src-uniswap.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/src-uniswap.org/
Last updated: 2026-03-19