# stonex-kr.co.kr — SUSPICIOUS

> stonex-kr.co.kr is a crypto drainer impersonating StoneX. VirusTotal flags 3/95 vendors. Verify on PhishDestroy before interacting.

## Summary
PhishDestroy identifies stonex-kr.co.kr as an active crypto drainer domain impersonating the legitimate StoneX platform. This domain employs deceptive tactics to trick users into connecting crypto wallets, enabling the theft of digital assets through unauthorized transactions. The risk level has been classified as elevated due to its confirmed malicious activities and the potential for significant financial harm to unsuspecting victims.  This domain resolves to the IP address 185.178.208.138 and was registered on March 19, 2026, through Gabia, Inc., a South Korean domain registrar. VirusTotal analysis reveals that 3 out of 95 security vendors flag this domain as malicious, indicating a moderate but notable detection rate. The domain utilizes a Let's Encrypt SSL certificate, which may lend an appearance of legitimacy to unsuspecting users. Despite its recent registration, this domain has already been flagged for its malicious intent, highlighting the importance of vigilance when engaging with unfamiliar financial platforms.  To mitigate the risks associated with stonex-kr.co.kr, users are strongly advised to verify the authenticity of any domain or platform before interacting with it, particularly when financial transactions or wallet connections are involved. Avoid clicking on unsolicited links, and always cross-check URLs with official sources or trusted security platforms like PhishDestroy. If you encounter this domain or have fallen victim to its scams, report it immediately and seek assistance to secure your assets. Proactive verification and caution are critical in preventing crypto drainer attacks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-19 00:00:00
- Registrar: Gabia, Inc.(http://www.gabia.co.kr)
- IP: 185.178.208.138

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cf255fbd-ff5c-443f-b6f7-b8236a8e47bb
- PhishDestroy: https://phishdestroy.io/domain/stonex-kr.co.kr/
- LLM endpoint: https://phishdestroy.io/domain/stonex-kr.co.kr/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/stonex-kr.co.kr/
Last updated: 2026-03-30