# suiteapp-trezir.wixstudio.com — SUSPICIOUS > suiteapp-trezir.wixstudio.com is a credential theft domain with 0/95 VirusTotal detections and ties to active phishing. Take immediate action if visited. ## Summary PhishDestroy identifies suiteapp-trezir.wixstudio.com as a credential theft domain actively distributing a generic phishing campaign. This Wix-hosted subdomain resolves to 34.144.206.118 and leverages a Let’s Encrypt SSL certificate to appear legitimate. The domain remains undetected by VirusTotal engines (0/95) as of the latest scan, indicating a low initial detection rate and a window of opportunity for threat actors to harvest credentials unnoticed. This domain is currently under investigation with seed 18adb2, and its infrastructure details have been cross-referenced with known malicious patterns. It poses as a legitimate service suite under the guise of a Trezor-branded application, aiming to deceive users into entering sensitive login information. The domain was created recently, and its IP address (34.144.206.118) has not yet been widely blocklisted, increasing its potential to impact unsuspecting users. Given the absence of detections, this campaign may expand rapidly before security vendors respond. Users who visited suiteapp-trezir.wixstudio.com should assume their credentials may have been compromised. Immediately change passwords for any accounts that could have been entered on the site and enable multi-factor authentication where available. Scan devices for malware using a reputable security tool, and monitor financial accounts for unauthorized transactions. Report the domain to your organization’s security team or to abuse platforms such as Google Safe Browsing or PhishTank to help block further access. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a4325d15-adab-45c9-ab5d-f6779a178059 - PhishDestroy: https://phishdestroy.io/domain/suiteapp-trezir.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/suiteapp-trezir.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/suiteapp-trezir.wixstudio.com/ Last updated: 2026-04-12