Threat Intelligence Dashboard

August 2025 Report

Detailed threat intelligence for 3,788 phishing domains. Registrar abuse, drainer kits, targeted brands, and AI-generated expert assessment.

149,039Total Detected

109,925Taken Down

77.9%Kill Rate

92.5%VT Coverage

39,749Abuse Reports

Overview May 263,501 Apr 2615,640 Mar 2618,819 Feb 2642,098 Jan 268,930 Dec 2511,773 Nov 2512,579 Oct 258,841 Sep 257,307 Aug 253,788 Jul 25700 Jun 254

August 2025 Intelligence Report 441.1%

3,788

2,673

Taken Down

1,009

Still Live

70.6%

Kill Rate

5139h

Avg Response

4.3

Avg VT Score

August 2025 saw a dramatic surge in phishing domains with 3,788 detected, marking a 441.1% increase from the previous month. The takedown rate stood at 67.6%, indicating significant operational success, though the mean registrar response time remains critically high at 4426.9 hours. Notably, Kraken and Ledger were heavily targeted, reflecting a strategic focus on cryptocurrency brands. The prevalence of the Angel Drainer kit, implicated in 220 cases, underscores a persistent threat of wallet draining for victims.

N/A remains the top abuse registrar with 458 domains, followed by NameSilo, LLC with 224 domains.
Targeting of Kraken and Ledger suggests a continued emphasis on cryptocurrency rather than traditional banking.
The .com TLD was the most weaponized with 1,828 instances, dwarfing other TLDs like .xyz and .life.
The Angel Drainer kit led the pack, posing a significant risk of wallet draining for cryptocurrency users.
The majority of phishing infrastructure is hosted in the US with 2,524 domains, indicating a concentration that defenders should prioritize.
Despite a takedown rate of 67.6%, the mean registrar response time of 4426.9 hours highlights a critical delay in mitigation efforts.

Outlook

Looking ahead to September 2025, defenders should anticipate continued targeting of cryptocurrency brands, with potential shifts towards new TLDs as attackers diversify. Registrars like N/A and NameSilo, LLC require escalated monitoring due to their high abuse concentrations. Vigilance against the Angel Drainer kit remains crucial to protect users from wallet draining threats.

Full Data on GitHub Browse All Domains Live Threats

Top Registrars

Registrar	Domains
Web Commerce Communications Limited	277
NameSilo, LLC	245
NiceNIC International Group Co., Limited	204
Dynadot LLC	189
NameCheap, Inc.	183
OwnRegistrar, Inc.	168
URL Solutions, Inc.	159
Cosmotown, Inc.	151

Targeted Brands

Brand	Domains
across	450
Kraken	167
Google	159
Ethereum	148
Ledger	139
binance	126
Base	98
aave	70

Top TLDs

Hosting Countries

Active Drainer Kits

August 2025 Domains (3,788)

Sorted by VirusTotal detections. Click any domain for full security report.

www.vavadartp.com

www.velorahr.com

www.wealthphantom.io

www.webhooks.botstatesinfo.com

www.yusjibtravel.ng.yusjibtravels.com

www.zksolutions.org

xn--meteor-uta.com

0f324e7d2881.6b3632c8.us-east-1.token.awswaf.com

0xinuarashi.dev

0xloky-access.com

Taken DownAngel Drainer

1polkadot-5x1e.js.org

aave.smart-update.it.com

Taken DownAngel Drainer

acala-network.live

accessmoreinvestment.com

activfrxonline.com

aerodriftlogistics.com

affiliate-elitepro.com

affiliateelite.pro

aigirlfriendtelegram.chat

airdrop-rabbywallet.website

Taken DownAngel Drainer

alghassanmarineshipping.com

allianzthrive.com

alphaultramarkets.com

apexwealthmanagement.ltd

assetbuilderslimited.com

astromarketsinv.com

autotimetrade.com

bafybeiajub74axajhiu6s663bx6j6d4hifih757xb47yt4i223gpu3w3ci.ipfs.dweb.link

bafybeiaoni35loah6mxudvrxltj6qkb5afmoqjqbg2spapid2kltvnqvby.ipfs.dweb.link

bafybeiaoulkqm54mkpjy5t7idjlc2wxddyj7a4cpdrpi4reejwkd4gphke.ipfs.dweb.link

bafybeibauy7yiihtallbuq3vlajdvhkwsaf2d6w3rnenlvrf3d2c2vcyva.ipfs.dweb.link

bafybeibow6l2xxhkxkrjou6wfgqnfc65rmw4fcrcz6rjl4kbpv2txxml6i.ipfs.dweb.link

bafybeibswl2ie3xii63ol3miweawoxscpjp53jv2mbgbnbnvviygxczjqe.ipfs.dweb.link

bafybeicstr6f6nebuy7tjlpjgzecshw3segkzgnu4rzkkzrr6hrawmofg4.ipfs.dweb.link

bafybeicx5ak6l2vuhzsorrbhqgb77zjl2btozkpnl7wvswth5lj3f4nz44.ipfs.dweb.link

bafybeiddfzec3ssadmq4s7m7fotcrv2543fgmtp5fhndlmktya2zv4jvyy.ipfs.dweb.link

bafybeide2or56pa7ot4fc3wzsnuly2o32jzzgwycgjfke2pufavlxrbyy4.ipfs.dweb.link

bafybeidfyreuh4x3vxuhzumv4scybbadvpv67sp75wq6uf7biwisavqvnu.ipfs.dweb.link

bafybeidqgc2vg5ms7x4xtpfwxdf6gci5rke2ol2smg52qixs6r4jvggbye.ipfs.dweb.link

bafybeidqp2rvj7tisdarxknqei2iskr4uwtzyrfsghgcdovn3g33i5fube.ipfs.dweb.link

bafybeidumscxkbzdpevccsy2ccgdgfc3gj4ejh42kqhn5yis4hacugjfuy.ipfs.dweb.link

bafybeietwjvabsmhbvmmsq4y65nxgb5jhh4qwhskqdgyp7gmcpuwjsyayu.ipfs.dweb.link

bafybeiewx4e2pncoxcrbd57xruotistqgiyxfakla3tb5qfpwkazlkrize.ipfs.dweb.link

bafybeifn4q7vghs7f3xwilosxa4dyllaadejgevezprlqf5cgs5mgpvmr4.ipfs.dweb.link

bafybeig2qxervlifeg5gur3hrsbgo6hrco4esjxaz2r6nixoqkc6nhhjbe.ipfs.dweb.link

bafybeignqbqcj3ivss4hhm4rqyiiif25p5n32yh7iqzmhpf4aqaa2sxgha.ipfs.dweb.link

bafybeigoo2ajgc5d32j7sqglri2pqwtnmpnm6g2yfmlmcdzm2oyww2ny3u.ipfs.dweb.link

bafybeih2enmhriyu34h5katuwmktbk34qrl4x5j2dje2irjyn36zy5jkpq.ipfs.dweb.link

bafybeihkqxli7rn4yzsjh3zws5jdrmorjdo3zjivditajb6tkzq73e7ona.ipfs.dweb.link

Detection Trends

Monthly domain volume, kill rate, and live threats over time.

Monthly Detected Domains

Kill Rate %

Explore More

Related intelligence pages and data feeds.

Domain Hub

149,039+ domains with security reports

Live Threats

31,194 phishing sites still online

DestroyList on GitHub

Open-source daily phishing domain feeds

About PhishDestroy

Independent anti-phishing threat intelligence