# uisdthedai.xyz — SUSPICIOUS

> Beware: uisdthedai.xyz hosts a crypto drainer impersonating legitimate platforms. Scan with PhishDestroy for real-time safety. Domain resolved to 188.114.97.3.

## Summary

PhishDestroy identifies uisdthedai.xyz as a recently activated domain engaged in crypto drainer phishing activity, likely targeting cryptocurrency users through deceptive transaction interfaces. The domain does not directly impersonate a specific brand but leverages generic crypto-related terminology to lure victims into connecting wallets or approving fraudulent transactions. Initial forensic analysis suggests this threat utilizes a drainer kit designed to silently siphon funds from connected wallets upon user interaction, though the exact payload and distribution vectors remain under investigation.

This domain exhibits multiple indicators of malicious intent. VirusTotal currently reports 0/95 detections, indicating it has evaded automated scanners at the time of assessment. The domain resolves to IP address 188.114.97.3 and was registered through Dynadot LLC on April 02, 2026. The SSL certificate is issued by Let's Encrypt, which is commonly abused for short-lived phishing operations. As of this report, the domain remains unlisted on Google Safe Browsing (GSB) and has not been flagged by major threat intelligence blocklists, leaving users vulnerable during this early stage of deployment. The domain's age and clean reputation metrics suggest a deliberate effort to avoid detection while the infrastructure is primed for malicious operations.

The current status of this threat is active and under active investigation by PhishDestroy's threat intelligence team. Immediate defensive actions include domain blocking at the network perimeter and user awareness campaigns highlighting the risks of unsolicited crypto-related domains.

While the domain's technical indicators show low detection rates, the combination of recent registration, active resolution, and drainer kit deployment elevates the risk to users interacting with crypto platforms. Remaining risk factors include potential domain rotation, payload evolution, and expansion into targeted phishing campaigns. Users are strongly advised to verify any crypto-related domains using PhishDestroy's real-time scanning tools and to avoid interacting with unsolicited wallet connection requests.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2026-04-02 17:24:38
- Registrar: Dynadot LLC
- IP: 188.114.97.3

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/uisdthedai.xyz
- PhishDestroy: https://phishdestroy.io/domain/uisdthedai.xyz/
- LLM endpoint: https://phishdestroy.io/domain/uisdthedai.xyz/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/uisdthedai.xyz/
Last updated: 2026-04-04