# trust-extx.framer.media — SUSPICIOUS

> trust-extx.framer.media spreads a crypto drainer malware; flagged by 0 of 95 VirusTotal vendors. Avoid this domain to protect your crypto assets.

## Summary
PhishDestroy identifies trust-extx.framer.media as an active crypto drainer phishing domain currently under investigation. This site has been classified as a high-risk threat due to its active deployment of malicious scripts designed to drain cryptocurrency from unwitting victims' wallets. The domain is not yet flagged by most security vendors, making it a stealthy and evolving threat.


This domain resolves to IP address 31.43.161.6 and utilizes a Let's Encrypt SSL certificate for deceptive legitimacy. VirusTotal currently reports 0 detections out of 95 security vendors, indicating that mainstream threat intelligence platforms have not yet recognized its malicious nature. The site operates under the Framer media service, which may be leveraged to host fraudulent pages with minimal oversight. Given its active status and lack of widespread detection, users should exercise extreme caution.


The current status of trust-extx.framer.media remains active and under investigation, suggesting active operation by threat actors. To ensure safety, users should immediately block access to this domain via their network settings or firewall. Additionally, avoid interacting with any links, QR codes, or downloads associated with this site. If crypto transactions are involved, verify the recipient address through multiple independent channels before proceeding. Updated threat intelligence will be provided as further investigations unfold.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 31.43.161.6

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3d56917c-da63-46a6-8a7f-1fd382ae9f77
- PhishDestroy: https://phishdestroy.io/domain/trust-extx.framer.media/
- LLM endpoint: https://phishdestroy.io/domain/trust-extx.framer.media/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trust-extx.framer.media/
Last updated: 2026-03-23