# wasmnode.com — SUSPICIOUS

> wasmnode.com hosts a crypto drainer impersonating legitimate services. Verify this site now via PhishDestroy—VT score 0/95, recently created May 29, 2025

## Summary
PhishDestroy identifies wasmnode.com as an active crypto drainer under investigation, posing as a legitimate WebAssembly node service. The domain leverages deceptive branding to trick users into connecting wallets or entering private keys, resulting in rapid cryptocurrency theft. Technical analysis indicates this fraudulent service is configured to harvest funds via fake transaction approvals or direct private key extraction, commonly referred to as a crypto drainer kit.  This domain exhibits multiple red flags: it resolves to IP 188.114.97.3 and was registered on May 29, 2025 through NAMECHEAP INC. VirusTotal currently reports 0/95 detections, and the domain holds an SSL certificate from Google Trust Services. As of this report, wasmnode.com remains unlisted on major blocklists such as Google Safe Browsing (GSB) and PhishTank, making it a high-risk, low-visibility threat.  Although the threat is currently active and under investigation, users are strongly advised to avoid visiting wasmnode.com and verify any related links through PhishDestroy. The lack of detections and recent domain creation (under 30 days) suggest this campaign is in early deployment. Remaining risk is high due to zero detection coverage and the absence of widespread takedown actions. Immediate domain blocking and user awareness are critical to mitigate potential losses from crypto drainer activity.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-05-29 09:50:57
- Registrar: NAMECHEAP INC
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/wasmnode.com
- PhishDestroy: https://phishdestroy.io/domain/wasmnode.com/
- LLM endpoint: https://phishdestroy.io/domain/wasmnode.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/wasmnode.com/
Last updated: 2026-04-09