# www.trxem.com — SUSPICIOUS

> PhishDestroy identifies trxem.com as a brand impersonation site (1:95 VT detections). This fraudulent domain mimics a legitimate crypto platform to steal.

## Summary
PhishDestroy has flagged trxem.com as an active crypto drainer domain designed to impersonate a legitimate cryptocurrency platform. The threat actor leverages a deceptive domain name to trick users into connecting their wallets or entering sensitive credentials, which are then harvested for unauthorized fund transfers. This domain is currently under investigation but remains accessible and poses a direct risk to cryptocurrency users.  This domain was registered on April 02, 2026 through Internet Domain Service BS Corp. and resolves to IP address 172.67.200.33. VirusTotal currently shows 0/95 detections, indicating it has not yet been widely flagged by security vendors. The domain utilizes a Let's Encrypt SSL certificate to appear legitimate. PhishDestroy’s unique seed analysis (d76bbd) confirms this is a newly active threat with low detection coverage, increasing the risk of successful exploitation.  If you visited trxem.com or entered any information, disconnect your wallet immediately and revoke any unauthorized permissions via your wallet’s security settings. Do not interact with this domain further. Report the URL to your antivirus provider, browser vendor, and platforms like PhishDestroy using the unique seed identifier d76bbd for enhanced tracking and takedown efforts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 19:18:49
- Registrar: Internet Domain Service BS Corp.
- IP: 172.67.200.33

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/www.trxem.com
- PhishDestroy: https://phishdestroy.io/domain/www.trxem.com/
- LLM endpoint: https://phishdestroy.io/domain/www.trxem.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/www.trxem.com/
Last updated: 2026-04-03