# trustwalletextensions.framer.ai — MALICIOUS

> PhishDestroy identifies trustwalletextensions.framer.ai as a crypto drainer brand impersonating Trust Wallet. Already flagged by 6 of 95 VirusTotal scanners.

## Summary
PhishDestroy identifies trustwalletextensions.framer.ai as an active crypto drainer domain impersonating Trust Wallet. This fraudulent site attempts to trick users into connecting wallets and stealing assets under the guise of a legitimate Trust Wallet browser extension. SSL-secured with a Let’s Encrypt certificate, the domain resolves to IP 31.43.161.6 and should not be trusted.  

This domain was flagged by 6 of 95 VirusTotal security vendors and represents an elevated brand impersonation risk. Its creation date and registrar details align with recent malicious campaigns targeting cryptocurrency users. Blocklist monitoring shows consistent detection across multiple threat feeds, confirming malicious intent. Users who visited this domain risk unauthorized wallet connections and fund loss.  

If you accessed trustwalletextensions.framer.ai or entered any wallet credentials, disconnect your wallet immediately using the emergency disconnect feature in your wallet UI. Revoke any suspicious token approvals via tools like revoke.cash. Clear browser cache and cookies, run a full antivirus scan, and avoid similar lookalike domains. Report the site to Trust Wallet and your browser vendor to help block further abuse.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Trust Wallet

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 31.43.161.6

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/trustwalletextensions.framer.ai
- PhishDestroy: https://phishdestroy.io/domain/trustwalletextensions.framer.ai/
- LLM endpoint: https://phishdestroy.io/domain/trustwalletextensions.framer.ai/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trustwalletextensions.framer.ai/
Last updated: 2026-04-11