# zeker-gainex.com — SUSPICIOUS > PhishDestroy issues alert: zeker-gainex.com is an active crypto drainer site flagged by 2 of 95 VirusTotal vendors—verify on PhishDestroy before any interaction. ## Summary PhishDestroy has identified zeker-gainex.com as a live crypto drainer domain engineered to silently siphon cryptocurrency from unwitting wallet holders. The threat remains active and is currently distributing malicious scripts that automatically trigger unauthorized transfers upon wallet connection. No specific brand is being explicitly mimicked by the landing page, which instead presents a fake trading or investment front to lure victims into connecting wallets. zeker-gainex.com was registered on August 28, 2025 via the registrar NETIM and resolves to the IP address 91.236.116.172. The domain is currently flagged by exactly 2 of 95 VirusTotal security vendors and carries no trustworthy reputation scores. The SSL certificate issued by Let’s Encrypt is valid, providing an appearance of legitimacy that may deceive users focused solely on the padlock icon. All detection metrics remain at concerning low levels, indicating that widespread blocklisting has yet to occur. Given the elevated risk and current active status, PhishDestroy strongly advises users to avoid any interaction with zeker-gainex.com and to immediately block the domain and its resolving IP 91.236.116.172 at the network perimeter. If you have recently visited this site and connected a wallet, revoke any granted permissions, transfer remaining funds to a new wallet under your exclusive control, and run a full antivirus scan on all devices. For continued monitoring, submit any suspicious URLs to PhishDestroy for real-time verification and inclusion in global threat feeds. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-08-28 12:55:45 - Registrar: NETIM - IP: 91.236.116.172 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/afa9b549-d2e4-4486-b185-00666bd240da - PhishDestroy: https://phishdestroy.io/domain/zeker-gainex.com/ - LLM endpoint: https://phishdestroy.io/domain/zeker-gainex.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/zeker-gainex.com/ Last updated: 2026-03-21