Threat Intelligence Dashboard

August 2025 Report

Detailed threat intelligence for 3,788 phishing domains. Registrar abuse, drainer kits, targeted brands, and AI-generated expert assessment.

146,053Total Detected
79,237Taken Down
57%Kill Rate
92.4%VT Coverage
38,873Abuse Reports
Overview May 261,969 Apr 2615,640 Mar 2618,821 Feb 2642,102 Jan 268,930 Dec 2511,773 Nov 2512,579 Oct 258,841 Sep 257,307 Aug 253,788 Jul 25700 Jun 254
August 2025 Intelligence Report 441.1%
3,788
2,139
Taken Down
1,556
Still Live
56.5%
Kill Rate
4877h
Avg Response
4.3
Avg VT Score

August 2025 saw a dramatic surge in phishing domains with 3,788 detected, marking a 441.1% increase from the previous month. The takedown rate stood at 67.6%, indicating significant operational success, though the mean registrar response time remains critically high at 4426.9 hours. Notably, Kraken and Ledger were heavily targeted, reflecting a strategic focus on cryptocurrency brands. The prevalence of the Angel Drainer kit, implicated in 220 cases, underscores a persistent threat of wallet draining for victims.

  • N/A remains the top abuse registrar with 458 domains, followed by NameSilo, LLC with 224 domains.
  • Targeting of Kraken and Ledger suggests a continued emphasis on cryptocurrency rather than traditional banking.
  • The .com TLD was the most weaponized with 1,828 instances, dwarfing other TLDs like .xyz and .life.
  • The Angel Drainer kit led the pack, posing a significant risk of wallet draining for cryptocurrency users.
  • The majority of phishing infrastructure is hosted in the US with 2,524 domains, indicating a concentration that defenders should prioritize.
  • Despite a takedown rate of 67.6%, the mean registrar response time of 4426.9 hours highlights a critical delay in mitigation efforts.
Outlook
Looking ahead to September 2025, defenders should anticipate continued targeting of cryptocurrency brands, with potential shifts towards new TLDs as attackers diversify. Registrars like N/A and NameSilo, LLC require escalated monitoring due to their high abuse concentrations. Vigilance against the Angel Drainer kit remains crucial to protect users from wallet draining threats.
Full Data on GitHub Browse All Domains Live Threats

Top Registrars

RegistrarDomains
Web Commerce Communications Limited 277
NameSilo, LLC 245
NiceNIC International Group Co., Limited 204
Dynadot LLC 189
NameCheap, Inc. 183
OwnRegistrar, Inc. 168
URL Solutions, Inc. 159
Cosmotown, Inc. 151

Targeted Brands

BrandDomains
across 450
Kraken 167
Google 159
Ethereum 148
Ledger 139
binance 126
Base 98
aave 70

Top TLDs

.com1,828 .xyz177 .life165 .app153 .org143 .top133 .live109 .net102

Hosting Countries

🇺🇸 US2,619 🇩🇪 DE278 🇷🇺 RU193 🇳🇱 NL157 🇨🇭 CH101 AE89 🇭🇰 HK56 🇺🇦 UA38

Active Drainer Kits

Angel Drainer220 Wallet Connect Abuse95 Solana Drainer31 Ice Phishing7 Inferno Drainer1

August 2025 Domains (3,788)

Sorted by VirusTotal detections. Click any domain for full security report.

aa.stnred2.sa.com
16 VTTaken Down
aerocoin.xyz
16 VTTaken DownWallet Connect Abuse
app.kybcrswap.com-g3.shop
16 VTTaken Down
binance--us.com
16 VTLive
btc-tumbler.to
16 VTTaken Down
coinexapp.ru
16 VTLive
cow-swop.org
16 VTLive
detifuna.net
16 VTTaken Down
dextoolwallets.on.fleek.co
16 VTLive
dot-io.cc
16 VT
eth-qr-code.com
16 VTTaken Down
ethereum-mixers.to
16 VTTaken Down
gambwin.com
16 VTLive
game-official.midasbuy-page.com
16 VTLive
hyperliquid.gg
16 VTTaken Down
impactxconnect.com
16 VTLiveWallet Connect Abuse
imtokenas.com
16 VTTaken Down
ltc-qr.to
16 VTLive
metamasklogiinu.webflow.io
16 VTTaken Down
metamkerloginsn.webflow.io
16 VTTaken Down
mrbeast-xbet.world
16 VTTaken Down
netflixgpt-66e93.firebaseapp.com
16 VTTaken Down
netflixgpt-98554.web.app
16 VTLive
okamzity-nerix.com
16 VTTaken Down
phantomstakevault.com.prime-vaultaccess.com
16 VTTaken Down
pub-50f6be4f4c494888b25f632fad312d3b.r2.dev
16 VTTaken Down
robiox.com.ua
16 VTLive
secure-ledger-auth--help.webflow.io
16 VTTaken Down
spotify-clone-luigi-iossa.netlify.app
16 VTTaken Down
steamcommunity.vov.ru
16 VTTaken Down
sterlhorizonltd.com
16 VTTaken Down
telegrameim.com
16 VTTaken Down
ton-exchange-swap.com
16 VTTaken Down
ton-mixer.to
16 VTLive
uniswap-exchange.click
16 VTLive
usdt-qrcode-generator.com
16 VTLive
validateonmainnet.firebaseapp.com
16 VTTaken Down
walletconnectauth.com
16 VTTaken Down
www-defliama.com
16 VTLive
105633111.com
15 VTTaken Down
68uv.pilot45.com
15 VTTaken Down
ai-uniswaps.web.app
15 VTTaken Down
airdropzclaim.com
15 VTTaken Down
app-renzoprotocol.network
15 VTLiveWallet Connect Abuse
apple-with-bootstrap.netlify.app
15 VTTaken Down
appsextension.live
15 VTTaken Down
apptrustwallet.com
15 VTTaken Down
aspfinshares.com
15 VTTaken Down
axisledger.live
15 VTTaken Down
bafybeibkhz4elzra2dauacvdzm6x2j5t3ow2n2z6ki6pftcjuis6ozi56e.ipfs.dweb.link
15 VTTaken Down
bafybeidyjhvudof62jn7o6746utfllknvl4kx5wgemf6iorsmigz3lzvja.ipfs.dweb.link
15 VTTaken Down
bnkni.com
15 VTLive
btc-qrs.to
15 VTTaken Down
chainlist.xyz
15 VTTaken Down
chase-bnk.com
15 VTLive
coinbase.cod-cupon.ro
15 VTTaken Down
coinbaseoc.com
15 VTTaken Down
confirmar-live-ou1look01.weebly.com
15 VT
defidappsrestore.web.app
15 VTLive
dpln-quete.com
15 VTTaken Down
« Prev 1 2 3 4 5 ... Next »

Detection Trends

Monthly domain volume, kill rate, and live threats over time.

Monthly Detected Domains

Kill Rate %

Explore More

Related intelligence pages and data feeds.

Domain Hub

146,053+ domains with security reports

Live Threats

59,687 phishing sites still online

DestroyList on GitHub

Open-source daily phishing domain feeds

About PhishDestroy

Independent anti-phishing threat intelligence