# uphold-finance.com — MALICIOUS > PhishDestroy identifies uphold-finance.com as a crypto drainer impersonating Uphold, flagged by 16 of 95 VirusTotal vendors. ## Summary PhishDestroy identifies uphold-finance.com as an active crypto drainer impersonating the legitimate cryptocurrency platform Uphold. The domain is currently operational and poses a significant risk to users who may unknowingly interact with it, as it is designed to deceive visitors into connecting their wallets or entering sensitive credentials under false pretenses. uphold-finance.com has been flagged by 16 of 95 VirusTotal security vendors, indicating widespread suspicion of its malicious intent. The domain was registered through TuringSign Inc. d/b/a Cosmotown on December 08, 2025, and resolves to the IP address 152.53.54.168. It operates under a Let’s Encrypt SSL certificate, which may contribute to a false sense of legitimacy. The recent creation date and low trust scores further underscore its dubious nature, as it has not yet established any credibility in the security community. Given its elevated risk level and confirmed malicious activity, users are strongly advised to avoid interacting with uphold-finance.com under any circumstances. To mitigate potential threats, PhishDestroy recommends blocking this domain at the network level and verifying any suspicious links through its platform. Additionally, users should cross-reference domain registrations and SSL certificates before engaging with cryptocurrency-related websites. Immediate action is critical to prevent financial loss or credential theft associated with this crypto drainer. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-12-08 16:34:27 - Registrar: TuringSign Inc. d/b/a Cosmotown - IP: 152.53.54.168 ## Detection Status - VirusTotal: 16 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/611179f0-d951-46aa-95a6-32a55a8bab0f - PhishDestroy: https://phishdestroy.io/domain/uphold-finance.com/ - LLM endpoint: https://phishdestroy.io/domain/uphold-finance.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/uphold-finance.com/ Last updated: 2026-03-24