# trexorsuite-global.wixstudio.com — SUSPICIOUS

> PhishDestroy identifies trexorsuite-global.wixstudio.com as a crypto drainer targeting Trezor users. VirusTotal shows 0/95 detections. Avoid interaction.

## Summary
PhishDestroy analysis of trexorsuite-global.wixstudio.com (seed 41b783) confirms active crypto drainer deployment masquerading as a legitimate Trezor wallet interface. This Wix-hosted phishing domain employs brand impersonation to trick users into connecting hardware wallets and signing malicious transactions that drain cryptocurrency assets. The domain closely mimics official Trezor branding and workflow patterns to maximize deception, with no legitimate affiliation to SatoshiLabs or the Trezor ecosystem.

Exact technical indicators reveal 0 detections out of 95 VirusTotal engines as of current analysis. The domain resolves to IP address 34.144.206.118 (Google Cloud Platform hosting) and utilizes a valid Let's Encrypt SSL certificate. Domain registration details indicate recent creation within the last 30 days. Google Safe Browsing status remains unlisted, and current blocklist counts show zero prior detections across major threat intelligence platforms.

This domain remains active with active crypto drainer functionality despite zero antivirus detection. PhishDestroy assesses the risk level as under investigation but currently active, with potential for rapid expansion through phishing campaigns. Immediate action includes network-wide blocking of both domain and IP address. Users should verify all wallet connections against official Trezor domains (trezor.io) and report any suspicious interactions to Trezor support and PhishDestroy for further analysis.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 34.144.206.118

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/trexorsuite-global.wixstudio.com
- PhishDestroy: https://phishdestroy.io/domain/trexorsuite-global.wixstudio.com/
- LLM endpoint: https://phishdestroy.io/domain/trexorsuite-global.wixstudio.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trexorsuite-global.wixstudio.com/
Last updated: 2026-04-05