# web3-ai.sbs — SUSPICIOUS

> web3-ai.sbs is a fake AI crypto wallet phishing site stealing credentials. Avoid it—blocked by MetaMask, SEAL, and 2 security lists since March 2026.

## Summary
PhishDestroy identifies web3-ai.sbs as an active phishing site masquerading as an AI-powered cryptocurrency wallet to steal user credentials and assets. The domain leverages social engineering tactics, including a Let's Encrypt SSL certificate, to appear legitimate while hosting malicious content designed to harvest private keys and seed phrases. This campaign specifically targets Web3 users by exploiting trust in AI-related services, with the domain resolving to IP 104.21.87.70 and actively serving fake wallet interfaces.  This domain was flagged as malicious with a 0/95 detection rate on VirusTotal, indicating evasion of most antivirus engines despite its active status. The domain was registered on March 05, 2026, through Gname.com Pte. Ltd., a registrar known for hosting high volumes of suspicious domains. Additionally, it has been blocked by MetaMask and SEAL security solutions and appears on two independent threat intelligence blocklists, confirming its malicious reputation.  Users who visited web3-ai.sbs should immediately revoke any connected wallet permissions, transfer assets to a new wallet, and scan their devices for malware. Do not enter any credentials or private keys on this domain. Report the domain to your security provider and avoid interacting with similar AI-themed crypto services without verification. Monitor blockchain transactions for unauthorized transfers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-05 05:19:32
- Registrar: Gname.com Pte. Ltd.
- IP: 104.21.87.70

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["SEAL", "MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/web3-ai.sbs
- PhishDestroy: https://phishdestroy.io/domain/web3-ai.sbs/
- LLM endpoint: https://phishdestroy.io/domain/web3-ai.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web3-ai.sbs/
Last updated: 2026-04-04