# xget.bet — SUSPICIOUS

> xget.bet identified as a cryptocurrency drainer phishing domain with 0/95 VirusTotal detections. Review the full report for safety.

## Summary
PhishDestroy identifies xget.bet as an active cryptocurrency drainer phishing domain under current investigation. This domain mimics legitimate crypto service portals to trick users into connecting fraudulent wallet drainers, potentially resulting in asset theft. No specific brand impersonation has been confirmed at this stage, but the domain's registration and infrastructure suggest a focus on crypto-related lures. Initial analysis indicates the use of a drainer kit designed to harvest private keys and seed phrases from unsuspecting victims.  This domain was flagged with a VirusTotal detection score of 0 out of 95 engines as of the latest scan, indicating zero current detection despite its malicious intent. It resolves to IP address 172.67.137.154 and is registered through PDR Ltd. d/b/a PublicDomainRegistry.com. The domain was created on March 25, 2026, and secured with a Let's Encrypt SSL certificate, adding a veneer of legitimacy. At present, this domain is not flagged by Google Safe Browsing and has not been listed on any major threat intelligence blocklists.  The current status of xget.bet remains active, with ongoing monitoring by PhishDestroy and allied SOC teams. Immediate defensive actions include blocking the domain and associated IP at the network perimeter, flagging the SSL certificate for revocation where feasible, and distributing indicators of compromise to trusted partners. While the initial risk remains classified as under_investigation due to the low detection rates and fresh registration, the combination of cryptocurrency targeting, drainer infrastructure, and absence of detection signals elevated concern. Users are strongly advised to avoid interacting with xget.bet and report any observed connections or wallet compromise to their security teams. Additional forensic evidence is being collected to refine classification and accelerate defensive response.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-25 08:52:23
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 172.67.137.154

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/xget.bet
- PhishDestroy: https://phishdestroy.io/domain/xget.bet/
- LLM endpoint: https://phishdestroy.io/domain/xget.bet/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xget.bet/
Last updated: 2026-04-04