# trustwalletqzi.com — MALICIOUS

> Trustwalletqzi.com impersonates Trust Wallet to steal credentials. Stay alert and avoid this high-risk domain. Learn more to protect your crypto assets.

## Summary
PhishDestroy has identified trustwalletqzi.com as a high-risk phishing domain impersonating the well-known cryptocurrency wallet brand, Trust Wallet. This domain was created on February 21, 2026, and was designed to deceive users by mimicking Trust Wallet’s branding, aiming to steal sensitive credentials and compromise users’ crypto holdings. The presence of a 504 page title indicates possible server issues or downtime during analysis.

Technically, trustwalletqzi.com resolved to the IP address 154.219.125.3 and was registered through Gname.com Pte. Ltd. The domain has been flagged by 12 out of 95 security vendors on VirusTotal and appears on two security blocklists, underscoring its malicious reputation. The combination of brand impersonation with multiple security detections highlights the domain’s intent to deceive and exploit Trust Wallet users.

Currently, trustwalletqzi.com is offline and no longer accessible, mitigating immediate risk. However, PhishDestroy recommends users remain vigilant and avoid interacting with suspicious domains that imitate legitimate crypto services. Users should verify URLs carefully, enable two-factor authentication on their wallets, and report any phishing attempts related to Trust Wallet. Continuous monitoring of newly registered domains similar to trusted brands is crucial to preempt future phishing campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Target brand: Trust Wallet
- Page title: 504

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 154.219.125.3
- IP Country: US
- IP City: Los Angeles
- IP Org: AS8796 FASTNET DATA INC
- Nameservers: ["a8.share-dns.com", "b8.share-dns.net"]
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b055d-48db-76a9-a4e3-263537c1601d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/93a6fec4-96f1-44ca-8a59-9d85cd1983dc
- PhishDestroy: https://phishdestroy.io/domain/trustwalletqzi.com/
- LLM endpoint: https://phishdestroy.io/domain/trustwalletqzi.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trustwalletqzi.com/
Last updated: 2026-03-19