# veblackholepool.xyz — SUSPICIOUS > veblackholepool.xyz impersonates legitimate crypto-mining pools. Flagged by 3 of 95 VirusTotal vendors, it hosts elevated-risk malware downloads. ## Summary PhishDestroy identifies veblackholepool.xyz as an active typosquatting fraud portal designed to deceive cryptocurrency mining enthusiasts. This domain poses an elevated risk as a generic phishing host specifically targeting users expecting legitimate crypto-mining pools. The infrastructure currently resolves to IP 172.67.180.30 via a Google Trust Services SSL certificate, suggesting an attempt to appear legitimate. VirusTotal flags show 3 out of 95 security vendors have detected malicious content on this domain since its creation. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on August 20, 2025, indicating very recent deployment as part of a coordinated typosquatting campaign against crypto communities. Technical analysis reveals this domain mimics established mining pool branding through slight typographical variations, a common tactic in cryptocurrency fraud. The short domain age combined with low but present detection rates suggests this may be a newly launched threat still building its reputation across security platforms. The presence of a valid SSL certificate further indicates attempts to bypass browser security warnings that typically flag invalid certificates. Current status remains active with continued domain resolution. Users should immediately block veblackholepool.xyz at DNS/network levels and avoid all mining pool-related downloads from this domain. Update security tools with this IOC and consider reporting to relevant cryptocurrency fraud databases. Security teams should monitor for additional domains registered through the same registrar following this pattern. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-08-20 05:23:20 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.180.30 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/fcd9a6aa-b55c-4469-8272-525ec07315c5 - PhishDestroy: https://phishdestroy.io/domain/veblackholepool.xyz/ - LLM endpoint: https://phishdestroy.io/domain/veblackholepool.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/veblackholepool.xyz/ Last updated: 2026-03-27