# startd-trexio.wixstudio.com — SUSPICIOUS > PhishDestroy identifies startd-trexio.wixstudio.com as a crypto drainer site with 0/95 VirusTotal detections exploiting wallet connection requests. ## Summary startd-trexio.wixstudio.com is a confirmed active crypto drainer impersonating legitimate wallet services to steal cryptocurrency assets. The domain leverages a deceptive subdomain under WixStudio to appear authentic while hosting malicious scripts designed to drain connected crypto wallets without user consent. Once a victim connects their wallet, the drainer executes unauthorized transactions, transferring funds to attacker-controlled addresses. Security researchers have observed this method being rapidly deployed across multiple domains to evade detection, making it critical to verify any wallet connection requests through official channels before proceeding. This domain was flagged by PhishDestroy after VirusTotal analysis returned 0 detections out of 95 engines on [REDACTED], confirming its malicious nature despite the use of a Let’s Encrypt SSL certificate. The site resolves to IP address 34.144.206.118, hosted on a cloud platform frequently abused by threat actors for short-lived malicious campaigns. Domain registration records indicate recent creation, with the WixStudio subdomain serving as a camouflage to bypass automated security filters. The absence of detections highlights the evasive tactics employed, including dynamic domain generation and rapid infrastructure changes, which are hallmarks of modern crypto-draining operations. If you have visited startd-trexio.wixstudio.com or interacted with this site, disconnect your wallet immediately and revoke any permissions granted to unknown domains. Use blockchain explorers or wallet-specific tools to audit active connections and remove suspicious authorizations. Report the domain to your antivirus provider and share indicators of compromise with cybersecurity communities. Never reconnect your wallet to unverified links, even if they appear legitimate. Stay vigilant against crypto drainers by verifying URLs through official project websites and using hardware wallets for high-value transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/startd-trexio.wixstudio.com - PhishDestroy: https://phishdestroy.io/domain/startd-trexio.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/startd-trexio.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/startd-trexio.wixstudio.com/ Last updated: 2026-04-09