# trzor-suite-iio.pages.dev — SUSPICIOUS

> trzor-suite-iio.pages.dev is a crypto drainer phishing site impersonating Trust Wallet—verify on PhishDestroy before clicking.

## Summary
PhishDestroy identifies trzor-suite-iio.pages.dev as an active crypto drainer phishing domain currently distributing malicious payloads. This domain mimics the Trust Wallet ecosystem to trick users into connecting crypto wallets and draining assets. PhishDestroy has flagged this domain as an elevated threat due to its confirmed malicious infrastructure and active exploitation attempts.  This domain was registered through Cloudflare, Inc. and resolves to IP address 172.66.44.230. Security threat intelligence shows this domain has been flagged by 1 of 95 VirusTotal vendors and carries a Google Trust Services SSL certificate. The domain is hosted on Cloudflare Pages, a legitimate platform abused by threat actors to deploy phishing infrastructure rapidly. Analysis indicates this domain leverages deceptive visual elements and social engineering tactics to impersonate the Trust Wallet interface, specifically targeting users seeking to connect wallets to decentralized applications.  The current status of trzor-suite-iio.pages.dev remains active as of analytical review. PhishDestroy recommends users immediately block this domain at network and browser levels. Users who may have interacted with this domain should disconnect wallets from websites, revoke any unauthorized permissions, and scan devices for malware. Organizations should update firewall rules to block IP 172.66.44.230 and consider domain blocking policies for *.pages.dev domains distributing crypto drainers. Continuous monitoring through PhishDestroy’s platform is advised to detect related infrastructure variations.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.230

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0e923087-ac18-4d93-ab76-392847c1c620
- PhishDestroy: https://phishdestroy.io/domain/trzor-suite-iio.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/trzor-suite-iio.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trzor-suite-iio.pages.dev/
Last updated: 2026-03-22