# trzosuite.wixstudio.com — SUSPICIOUS

> Malicious domain trzosuite.wixstudio.com is a crypto drainer impersonating Spotify. Flagged by 0/95 vendors but blocked by PhishingArmy and OISD.

## Summary
PhishDestroy identifies active malicious domain trzosuite.wixstudio.com as a crypto drainer impersonating Spotify login pages. Current status remains under investigation as threat intelligence continues gathering. Users are advised to avoid interaction while further analysis is conducted.  This domain resolves to IP 34.144.206.118 and carries concerning indicators including zero detections on VirusTotal (0/95 vendors), placement on 2 security blocklists, and blocking by PhishingArmy and OISD. The domain operates under Wix's hosting service utilizing a Let's Encrypt SSL certificate. Technical analysis confirms registration through Wix domains platform with hosting infrastructure located in Google Cloud's European data centers.  While immediate threat detection remains low due to absent AV signatures, the combination of blocklist coverage and cryptocurrency-focused malicious behavior warrants elevated caution. Concrete safety recommendations include immediate domain blocking at DNS/network level, user education regarding fake login pages, and verification of URLs through PhishDestroy's threat intelligence database before any credential submission. The active status requires continuous monitoring as threat actors frequently rotate infrastructure to evade detection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 34.144.206.118

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishingArmy", "OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/trzosuite.wixstudio.com
- PhishDestroy: https://phishdestroy.io/domain/trzosuite.wixstudio.com/
- LLM endpoint: https://phishdestroy.io/domain/trzosuite.wixstudio.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trzosuite.wixstudio.com/
Last updated: 2026-04-07