# swell-network-liquid-restaking-for-defi.net — SUSPICIOUS > swell-network-liquid-restaking-for-defi.net is a crypto drainer domain flagged by 1 of 95 vendors. Check the full report for detailed risk info. ## Summary PhishDestroy identifies swell-network-liquid-restaking-for-defi.net as an active crypto drainer domain targeting DeFi users. This threat specifically aims to compromise victims' cryptocurrency wallets by tricking them into liquid restaking processes that ultimately drain their digital assets. The domain impersonates legitimate DeFi services to lure users into authorizing malicious transactions. Technical analysis shows the domain resolves to IP address 188.114.97.3 and was registered on October 10, 2025. It was created through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar occasionally abused by threat actors. VirusTotal detection is currently low, with only 1 out of 95 security vendors flagging this domain, which may indicate it is newly active or employing evasion tactics. The domain uses a Google Trust Services SSL certificate, adding a false sense of legitimacy. The domain remains active with an elevated risk level, requiring immediate caution. Users who have visited swell-network-liquid-restaking-for-defi.net should immediately review their wallet activity for unauthorized transactions and revoke suspicious permissions granted to any connected wallets or applications. It is strongly recommended to refrain from interacting with this domain or providing any sensitive keys or credentials. Security professionals should add this domain to blocklists and monitor for related phishing campaigns. Prompt action can prevent significant crypto asset losses from this sophisticated drainer threat. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-10-10 18:59:06 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.97.3 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a1a32070-45ee-4908-96ff-ac503d42e04c - PhishDestroy: https://phishdestroy.io/domain/swell-network-liquid-restaking-for-defi.net/ - LLM endpoint: https://phishdestroy.io/domain/swell-network-liquid-restaking-for-defi.net/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/swell-network-liquid-restaking-for-defi.net/ Last updated: 2026-03-27