# trzsute.zapier.app — MALICIOUS > trzsute.zapier.app is an active crypto drainer impersonating brands—verified by PhishDestroy after VirusTotal flagged 6/95 vendors. ## Summary PhishDestroy identifies trzsute.zapier.app as an active crypto drainer posing as legitimate services to trick users into connecting wallets or submitting seed phrases. This domain was flagged after 6 out of 95 VirusTotal security vendors detected malicious activity, and it resolves to IP 64.239.123.193 under a Let’s Encrypt SSL certificate. The domain is hosted on Zapier’s app platform and has been active for at least 30 days, indicating a sustained campaign rather than a short-lived scam. This threat is elevated due to the combination of active hosting, SSL encryption, and partial detection by mainstream security tools. The use of a legitimate platform (Zapier) to disguise the malicious intent is a known tactic to bypass basic email filters and domain reputation checks. Users should avoid interacting with any requests to connect wallets, enter private keys, or log in through this domain, as it may silently drain cryptocurrency or harvest credentials for further attacks. If you visited trzsute.zapier.app, disconnect your wallet immediately using your wallet’s built-in security features, revoke any unauthorized permissions via blockchain explorers like Etherscan, and scan your device with updated antivirus software. Report your wallet address and any transaction alerts to your wallet provider and consider moving remaining funds to a new, secure wallet with a hardware-based signature process. Always verify site authenticity by checking domain spelling, SSL certificate details, and using tools like PhishDestroy before entering sensitive information. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 64.239.123.193 ## Detection Status - VirusTotal: 6 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/trzsute.zapier.app - PhishDestroy: https://phishdestroy.io/domain/trzsute.zapier.app/ - LLM endpoint: https://phishdestroy.io/domain/trzsute.zapier.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/trzsute.zapier.app/ Last updated: 2026-04-02