# swissstarnode.tech — SUSPICIOUS

> swissstarnode.tech is a confirmed crypto drainer phishing site with 0/95 VirusTotal detections; verify safety on PhishDestroy before interacting.

## Summary

PhishDestroy identifies swissstarnode.tech (seed 62ca8b) as a generic phishing domain engaged in cryptocurrency drainer operations, a technique where attackers trick users into connecting their wallets to malicious smart contracts that silently drain funds. This domain does not impersonate a specific brand but instead leverages a generic, high-risk crypto-related naming convention to attract victims searching for decentralized finance tools or services. The infrastructure is designed for fraudulent financial extraction, making it a critical threat to cryptocurrency users who may unknowingly authorize malicious transactions.

This domain resolves to IP address 144.76.155.11 and is registered through NameCheap, Inc., with a domain creation date of January 18, 2023. Currently, it holds a 0/95 detection score on VirusTotal, indicating it remains undetected by all participating security vendors as of the latest scan. The site utilizes a Let's Encrypt SSL certificate, which does not provide any meaningful security assurance in this context, as threat actors commonly use free certificates to appear legitimate. Notably, this domain has not yet been flagged on Google Safe Browsing (GSB) or widely adopted blocklists, suggesting it is either newly operational or actively evading detection mechanisms. These technical indicators—combined with the lack of prior enforcement actions—paint a concerning picture of an emerging but rapidly evolving threat actor infrastructure.

As of the latest assessment, swissstarnode.tech remains in an active status with an 'under_investigation' risk level, indicating that further analysis is required to fully characterize its operational scope and impact.

Security researchers and end users are advised to avoid interacting with this domain and to verify its safety status using PhishDestroy’s threat intelligence platform before any form of engagement. While the immediate risk is elevated due to undetected activity, the absence of blocklist entries and GSB flags suggests a window of opportunity for proactive blocking. Users should also report any encounters with this domain to threat intelligence communities to accelerate remediation efforts. The residual risk remains high until this domain is universally flagged and its infrastructure is taken offline or neutralized.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2023-01-18 23:25:30
- Registrar: NameCheap, Inc.
- IP: 144.76.155.11

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/5129ad75-74dc-4b1c-87cd-818c9cd97354
- PhishDestroy: https://phishdestroy.io/domain/swissstarnode.tech/
- LLM endpoint: https://phishdestroy.io/domain/swissstarnode.tech/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/swissstarnode.tech/

Last updated: 2026-04-01