# tangemdesktop.com — MALICIOUS > PhishDestroy identifies tangemdesktop.com as a credential-harvesting site posing as desktop wallet software. ## Summary PhishDestroy identifies tangemdesktop.com as a live credential-harvesting campaign masquerading as legitimate Tangem desktop wallet software. This site lures cryptocurrency users into entering seed phrases and private keys under the pretext of software updates or device synchronization. Once captured, harvested credentials are immediately relayed to attacker-controlled infrastructure for theft or sale on underground markets, enabling direct control over victim wallets and funds. This domain was flagged by 7 out of 95 VirusTotal security vendors, placed on 1 public blocklist, and registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 29 2026. The site operates from IP 216.198.79.1 under a Let’s Encrypt SSL certificate, which can mislead users into believing the connection is secure. Google Safe Browsing classifies the domain under SOCIAL_ENGINEERING due to its deceptive branding and fraudulent user interface. The combination of low blocklist coverage, recent domain age, and partial detection by security tools creates an elevated risk environment where unsuspecting users remain vulnerable to credential compromise. If you visited tangemdesktop.com, immediately cease use of any entered credentials, revoke any exposed wallet keys or seed phrases, and transfer remaining funds to a newly generated wallet using verified official software. Scan your device with reputable antivirus tools for potential malware infestation. Report the domain to your email provider and browser security teams to aid in broader blocking. Avoid clicking any links or downloading files from this domain in the future, and verify all software sources directly through official Tangem channels before installation. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-29 12:13:02 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 216.198.79.1 ## Detection Status - VirusTotal: 7 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 1 hits Lists: ["InversionDNS"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/tangemdesktop.com - PhishDestroy: https://phishdestroy.io/domain/tangemdesktop.com/ - LLM endpoint: https://phishdestroy.io/domain/tangemdesktop.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/tangemdesktop.com/ Last updated: 2026-04-02