# uphold-ai.com — MALICIOUS

> uphold-ai.com identified as crypto drainer domain. VirusTotal flags 9/95 vendors. Block access immediately to protect assets.

## Summary
PhishDestroy identifies uphold-ai.com as a live crypto drainer posing an elevated threat to unsuspecting users. The domain mimics legitimate fintech brands to trick victims into connecting wallets and signing malicious transactions that silently drain crypto holdings. Active campaigns leverage urgency (limited offers, account alerts) to push users toward fraudulent payment pages or wallet connection prompts. Security telemetry reveals this domain has already been weaponized against cryptocurrency users, with confirmed drainer behavior observed in the wild.  This domain was flagged by 9 out of 95 VirusTotal security vendors, indicating significant malicious activity. It was registered through Gname.com Pte. Ltd. on October 8, 2025, and resolves to IP 188.114.96.3, which hosts multiple high-risk domains. The SSL certificate issued by Google Trust Services adds a false veneer of legitimacy, further increasing deception potential. Given the low detection ratio and recent registration timing, this domain is likely part of a rapidly evolving campaign targeting crypto investors and DeFi users.  Any user who visited uphold-ai.com should immediately disconnect their wallet from any active sessions and revoke any permissions granted to unknown domains or applications. Review all recent transactions for unauthorized transfers and consider transferring remaining assets to a new, isolated wallet. Report the domain to your antivirus provider and block it at the network perimeter. Remain vigilant for follow-on phishing attempts using this domain or related infrastructure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-08 13:33:44
- Registrar: Gname.com Pte. Ltd.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7f14fb2e-c48b-42bc-90af-c6b276bce397
- PhishDestroy: https://phishdestroy.io/domain/uphold-ai.com/
- LLM endpoint: https://phishdestroy.io/domain/uphold-ai.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/uphold-ai.com/
Last updated: 2026-03-24