# wwwouzhyi.pink — SUSPICIOUS

> PhishDestroy identifies wwwouzhyi.pink as an active fake investment drainer site. VT score 1/95. Check the full report.

## Summary
PhishDestroy’s forensic team has uncovered wwwouzhyi.pink, a recently activated fake-investment drainer kit circulating in the wild. The domain mimics a legitimate financial-services portal and is engineered to harvest wallet credentials and seed phrases from cryptocurrency investors. No specific brand or protocol is being impersonated at this time; instead, the kit uses a generic “investment dashboard” lure to trick victims into connecting their wallets. The landing page employs JavaScript obfuscation and Web3 wallet-detection scripts to accelerate the theft process once a victim clicks through from phishing emails or social-media ads. The campaign is still in early deployment, with only a single security-vendor detection on VirusTotal and no takedown actions recorded.  This domain was registered on February 10, 2026 through Dynadot Inc and resolves to the IP address 54.215.31.113. According to VirusTotal (2025-02-12 scan), 1 out of 95 participating engines flagged the URL. Google Safe Browsing has not yet blacklisted the page, and public blocklist aggregators show a current block count of zero. These sparse detection metrics indicate the domain is newly minted and still under the radar of most automated defenses.  The threat is presently ACTIVE and categorized as elevated risk. PhishDestroy has flagged the site to all major browser-vendor blocklists and to the hosting provider’s abuse desk. Users are urged to avoid visiting wwwouzhyi.pink and to verify any investment-related link against official project channels before entering wallet details. Remaining risk is moderate while the domain remains live; however, rapid blocklist propagation is expected within 24–48 hours. Monitor cryptocurrency community channels for updated IOCs and wallet-drain alerts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-10 18:29:15
- Registrar: Dynadot Inc
- IP: 54.215.31.113

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c918e04a-5506-483e-8cb0-0fd5ac7cf823
- PhishDestroy: https://phishdestroy.io/domain/wwwouzhyi.pink/
- LLM endpoint: https://phishdestroy.io/domain/wwwouzhyi.pink/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/wwwouzhyi.pink/
Last updated: 2026-04-11