# trade.obsidian-group.org — SUSPICIOUS

> PhishDestroy identifies trade.obsidian-group.org as a crypto drainer phishing domain with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies trade.obsidian-group.org—a crypto drainer phishing domain—as an ACTIVE threat under investigation. This fraudulent domain impersonates legitimate trading platforms to trick users into connecting crypto wallets and signing malicious transactions that drain funds. The site currently hosts zero credential theft or fake KYC forms; instead, it leverages deceptive UI/UX patterns designed to trick users into approving malicious transaction signatures that drain tokens directly from connected wallets.  This domain was flagged due to multiple red flags: it resolves to IP 146.19.143.172, carries a valid Let's Encrypt SSL certificate for added legitimacy, and was registered through NameSilo, LLC on November 18, 2025. While VirusTotal currently shows 0/95 detections—indicating low signature-based detection at this time—fresh registration, low domain age (under 30 days), and common registrar usage among malicious actors elevate operational risk. The domain has not yet been added to major blocklists such as Google Safe Browsing, PhishTank, or OpenPhish, and lacks established trust indicators due to its recent creation. The absence of detections suggests evasion via newly created infrastructure or polymorphic behavior.  To mitigate risk, users should immediately avoid interacting with trade.obsidian-group.org or any subdomains under obsidian-group.org. Never connect crypto wallets or enter private keys, seed phrases, or transaction authorization requests on this domain. Block the IP 146.19.143.172 and domain at network/firewall levels if possible. Report the domain to security vendors via their phishing submission portals. Security teams should monitor for impersonation of legitimate trading platforms using similar naming conventions and monitor for blockchain transaction patterns linked to this IP.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-18 09:38:20
- Registrar: NameSilo, LLC
- IP: 146.19.143.172

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/88b5bb05-5942-4dee-a8e2-b7e03545c7f2
- PhishDestroy: https://phishdestroy.io/domain/trade.obsidian-group.org/
- LLM endpoint: https://phishdestroy.io/domain/trade.obsidian-group.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trade.obsidian-group.org/
Last updated: 2026-03-21