# v3-hyperliquid.co — SUSPICIOUS > PhishDestroy flags v3-hyperliquid.co as a brand impersonation site mimicking Hyperliquid; 0/95 VirusTotal detections as of April 2026. ## Summary PhishDestroy identifies v3-hyperliquid.co as an active brand impersonation domain designed to trick users into believing it is the legitimate Hyperliquid platform. The site leverages subtle naming variations to exploit user trust, a common tactic among crypto-focused credential theft operations. By impersonating a well-known decentralized exchange, attackers aim to harvest login credentials or seed phrases, potentially draining wallets linked to compromised accounts. This domain was flagged after technical analysis revealed several red flags. The domain resolves to IP address 130.12.180.128 and was registered through Dynadot Inc on April 07, 2026. Unusually, it holds a valid SSL certificate issued by Let's Encrypt, which can mislead users into trusting the site. VirusTotal currently shows zero detections across 95 security engines, indicating this threat remains largely undetected in public feeds. The combination of recent registration, a legitimate-looking certificate, and zero detections highlights the stealthy nature of this operation. If you have visited v3-hyperliquid.co, immediately disconnect from the site and avoid entering any credentials or wallet information. Check your crypto wallets for unauthorized transactions and revoke any permissions granted to suspicious domains. Use a reputable password manager to update and secure all related login details. Consider running a full antivirus scan and monitor your accounts for unusual activity. When in doubt, always verify URLs through official channels before engaging. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Hyperliquid ## Domain Intelligence - Registered: 2026-04-07 11:43:22 - Registrar: Dynadot Inc - IP: 130.12.180.128 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/v3-hyperliquid.co - PhishDestroy: https://phishdestroy.io/domain/v3-hyperliquid.co/ - LLM endpoint: https://phishdestroy.io/domain/v3-hyperliquid.co/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/v3-hyperliquid.co/ Last updated: 2026-04-07