# usdteth.co — SUSPICIOUS

> usdteth.co impersonates Tether USDT in a phishing drainer scam. 0/95 VT detections, registered April 5 2026 via GoDaddy. Check the full report.

## Summary
PhishDestroy identifies usdteth.co as an active phishing domain impersonating Tether USDT tokens, utilizing a drainer kit designed to siphon cryptocurrency from unwitting victims. The domain mimics legitimate USDT web interfaces to dupe users into connecting wallets or providing seed phrases, with infrastructure built to exfiltrate assets under the guise of token transfers. No custom malware is observed in current samples; instead, the threat relies on social engineering and lookalike branding to compromise private keys and drain funds directly from connected wallets.  usdteth.co exhibits the following technical indicators: VirusTotal score 0/95 detections, resolving to IP 173.214.163.18, registered through GoDaddy.com, LLC on April 05, 2026, secured with a Let’s Encrypt SSL certificate, and currently not flagged in Google Safe Browsing or other major threat intelligence blocklists. The domain’s age and lack of prior reputation establish a fresh attack surface with minimal prior exposure, increasing the risk of successful infiltration before widespread detection.  The domain remains active and under investigation with a current risk status labeled as 'under_investigation'. Immediate response actions include monitoring associated IP and SSL certificate rotation, as well as updating network blocklists for 173.214.163.18 and the domain itself. While the immediate risk is elevated due to zero detection on VirusTotal and absence from global blocklists, the lack of historic activity suggests this campaign may be in early stages. Users are advised to avoid visiting usdteth.co, verify all URLs prior to wallet connections, and report any suspicious interactions involving USDT-related services via official Tether support channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-05 08:00:41
- Registrar: GoDaddy.com, LLC
- IP: 173.214.163.18

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/usdteth.co
- PhishDestroy: https://phishdestroy.io/domain/usdteth.co/
- LLM endpoint: https://phishdestroy.io/domain/usdteth.co/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/usdteth.co/
Last updated: 2026-04-07