# trustwalletjzu.com — MALICIOUS

> Warning: trustwalletjzu.com is an active high-risk crypto drainer domain. Avoid interacting to protect your digital assets.

## Summary
PhishDestroy identifies trustwalletjzu.com as a high-risk crypto drainer domain designed to steal cryptocurrency assets. Users who visit this site risk exposing their private keys, wallet credentials, or seed phrases, leading to unauthorized access and irreversible loss of funds. This type of threat is particularly dangerous because it targets digital wallets, where stolen assets are often immediately transferred out.

This phishing campaign typically operates by mimicking legitimate crypto wallet interfaces or services, tricking users into entering sensitive information. Once credentials are submitted, attackers can empty wallets without user consent. The domain was registered recently and is currently active, appearing on multiple security blocklists. VirusTotal analysis shows it is flagged by 17 out of 95 security vendors, reinforcing its malicious nature.

If someone has visited trustwalletjzu.com, it is crucial to immediately disconnect any connected wallets and change associated passwords and recovery phrases on legitimate platforms. Users should scan devices for malware and monitor their accounts for suspicious activity. Avoid using this domain or clicking any related links and report the phishing attempt to your wallet provider and security organizations to help protect others.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 200)
- Target brand: Trust Wallet

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 45.207.200.64
- IP Country: US
- IP City: Los Angeles
- IP Org: AS8796 FASTNET DATA INC
- Nameservers: ["a11.share-dns.com", "b11.share-dns.net"]
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 17 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b8f75-ec13-7108-8734-410806d1c5e9.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/223d49f2-7c6e-4f8d-bae6-d3c3f74be824
- PhishDestroy: https://phishdestroy.io/domain/trustwalletjzu.com/
- LLM endpoint: https://phishdestroy.io/domain/trustwalletjzu.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trustwalletjzu.com/
Last updated: 2026-03-19