# wallet.zeralabs.co — SUSPICIOUS

> wallet.zeralabs.co is under investigation for crypto draining activity. Exercise caution and avoid interactions until more details emerge.

## Summary
PhishDestroy identifies wallet.zeralabs.co as a suspicious domain potentially linked to crypto drainer malware. It falls under active scrutiny for its role in unauthorized crypto asset theft.

The domain resolves to IP 188.114.97.3 and was registered through PublicDomainRegistry.com on March 8, 2026. Despite zero detections on VirusTotal, its recent creation and registrar choice raise caution flags.

Currently active and under investigation, wallet.zeralabs.co remains unflagged by major security tools. Users are advised to stay vigilant and report any unusual crypto-related activity associated with this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: Zera Wallet

## Domain Intelligence
- Registered: 2026-03-08 18:34:31
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: amos.ns.cloudflare.com maya.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["SOCRadar", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd29b-37c2-72a9-b82c-6eb749458768.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/dba368ef-d1aa-4792-a416-24886105e58f
- PhishDestroy: https://phishdestroy.io/domain/wallet.zeralabs.co/
- LLM endpoint: https://phishdestroy.io/domain/wallet.zeralabs.co/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/wallet.zeralabs.co/
Last updated: 2026-03-19