# xxbum-shorts.com — SUSPICIOUS > PhishDestroy warns: xxbum-shorts.com is a crypto drainer impersonating a shorts site. VirusTotal shows 0/95 detections as of today. Verify before you click. ## Summary PhishDestroy identifies xxbum-shorts.com as an active crypto drainer phishing domain designed to steal cryptocurrency from unsuspecting users. This site masquerades as a shorts video platform, luring visitors with enticing content before deploying malicious JavaScript to drain connected wallets. The domain resolves to IP 104.21.79.111 and is backed by a Let’s Encrypt SSL certificate, which adds a false sense of legitimacy. Despite its recent creation on March 10, 2026, and registration through Cloudflare, Inc., this domain has evaded detection on VirusTotal with 0/95 security vendors flagging it at this time. Users are strongly advised to avoid accessing this domain until further analysis confirms its safety. Technical indicators reveal this domain is part of a broader campaign targeting crypto enthusiasts. The use of Cloudflare’s infrastructure suggests the threat actors are leveraging CDN services to obfuscate their true location and evade traditional blocklists. The SSL certificate, while valid, does not guarantee security—it only ensures encrypted communication between the user and the malicious server. The domain’s recent registration date indicates it is a fresh threat, likely part of a coordinated effort to capitalize on trending topics or events. As of now, no major blocklists have flagged this domain, leaving users vulnerable to exposure. The lack of detections on VirusTotal highlights the challenge of early-stage threat identification, where new domains often slip through automated defenses. If you have visited xxbum-shorts.com or interacted with its content, PhishDestroy recommends taking immediate action to secure your assets. Disconnect any connected wallets or devices from the internet to prevent unauthorized transactions. Scan your system for malware or unauthorized browser extensions that may have been installed during your visit. Report the domain to PhishDestroy for further analysis and inclusion in threat intelligence feeds. Avoid reaccessing the domain until it has been thoroughly vetted and added to active blocklists. Stay vigilant and verify the legitimacy of any site requesting cryptocurrency transactions or personal information. Your security depends on proactive measures and awareness of emerging threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-10 07:36:31 - Registrar: Cloudflare, Inc. - IP: 104.21.79.111 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/33583a90-fe33-4522-8c60-6424dee61fe1 - PhishDestroy: https://phishdestroy.io/domain/xxbum-shorts.com/ - LLM endpoint: https://phishdestroy.io/domain/xxbum-shorts.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/xxbum-shorts.com/ Last updated: 2026-03-24