Threat Intelligence Dashboard

August 2025 Report

Detailed threat intelligence for 3,788 phishing domains. Registrar abuse, drainer kits, targeted brands, and AI-generated expert assessment.

107,732Total Detected
92,561Taken Down
86.3%Kill Rate
94.3%VT Coverage
25,332Abuse Reports
Overview Mar 269,496 Feb 2618,204 Jan 268,931 Dec 2511,773 Nov 2512,579 Oct 258,841 Sep 257,307 Aug 253,788 Jul 25700 Jun 254
August 2025 Intelligence Report 441.1%
3,788
3,671
Taken Down
117
Still Live
96.9%
Kill Rate
4686h
Avg Response
4.3
Avg VT Score

August 2025 saw a dramatic surge in phishing domains with 3,788 detected, marking a 441.1% increase from the previous month. The takedown rate stood at 67.6%, indicating significant operational success, though the mean registrar response time remains critically high at 4426.9 hours. Notably, Kraken and Ledger were heavily targeted, reflecting a strategic focus on cryptocurrency brands. The prevalence of the Angel Drainer kit, implicated in 220 cases, underscores a persistent threat of wallet draining for victims.

  • N/A remains the top abuse registrar with 458 domains, followed by NameSilo, LLC with 224 domains.
  • Targeting of Kraken and Ledger suggests a continued emphasis on cryptocurrency rather than traditional banking.
  • The .com TLD was the most weaponized with 1,828 instances, dwarfing other TLDs like .xyz and .life.
  • The Angel Drainer kit led the pack, posing a significant risk of wallet draining for cryptocurrency users.
  • The majority of phishing infrastructure is hosted in the US with 2,524 domains, indicating a concentration that defenders should prioritize.
  • Despite a takedown rate of 67.6%, the mean registrar response time of 4426.9 hours highlights a critical delay in mitigation efforts.
Outlook
Looking ahead to September 2025, defenders should anticipate continued targeting of cryptocurrency brands, with potential shifts towards new TLDs as attackers diversify. Registrars like N/A and NameSilo, LLC require escalated monitoring due to their high abuse concentrations. Vigilance against the Angel Drainer kit remains crucial to protect users from wallet draining threats.
Full Data on GitHub Browse All Domains Live Threats

Top Registrars

RegistrarDomains
Web Commerce Communications Limited 276
NameSilo, LLC 244
NiceNIC International Group Co., Limited 195
Dynadot LLC 189
NameCheap, Inc. 179
OwnRegistrar, Inc. 167
URL Solutions, Inc. 158
Cosmotown, Inc. 151

Targeted Brands

BrandDomains
Kraken 147
Ledger 134
Ethereum 79
Binance 74
telegram 39
OKX 39
cats=phishing 37
MetaMask 36

Top TLDs

.com1,828 .xyz177 .life165 .app153 .org143 .top133 .live109 .net102

Hosting Countries

🇺🇸 US2,474 🇩🇪 DE278 🇷🇺 RU193 🇳🇱 NL157 🇨🇭 CH101 AE89 🇭🇰 HK56 🇺🇦 UA38

Active Drainer Kits

Angel Drainer220 Wallet Connect Abuse95 Solana Drainer31 Ice Phishing7 Inferno Drainer1

August 2025 Domains (3,788)

Sorted by VirusTotal detections. Click any domain for full security report.

accounts.bmwweb.biz
21 VTTaken Down
www.metamask.tasheeltheqa.com
21 VTTaken Down
axiom-trade-platform.com
20 VTTaken Down
axiomtrading-platform.com
20 VTTaken Down
bitcoinlexipro-platform.com
20 VTTaken Down
etherealux-ledger-tech.com
20 VTTaken Down
fixedfloat.ac
20 VTTaken Down
steamcommunitylog.chez.com
20 VTTaken Down
steamcomunity.aiq.ru
20 VTTaken Down
swap.swissdlt.ch
20 VTTaken Down
uniswap-staging.org
20 VTTaken Down
wolke-ledgerix-soft.com
20 VTTaken Down
chainretificator.com
19 VTTaken DownWallet Connect Abuse
ledgerlive-assets.com
19 VTTaken Down
metamask88.com
19 VTTaken Down
158940-coinbase.com
18 VTTaken Down
bitcoin-buyer-solution.com
18 VTTaken Down
createvault-coinbase.com
18 VTTaken Down
cstraders.net
18 VTTaken Down
gravitonprofitsoftware.com
18 VTTaken Down
login-faxplus-outlook.com
18 VTTaken Down
luzia-coinex.ru
18 VTTaken Down
mettamsukkloggoin.webflow.io
18 VTTaken Down
pancakeswap.asia
18 VTTaken Down
phantomus.at
18 VTTaken Down
pub-8c1c14c3b0d64d0099312bb4670f2e23.r2.dev
18 VTTaken Down
pub-d69c77ba755745888f5f3bae287f77ec.r2.dev
18 VTTaken Down
qr-apps-l.ink
18 VTTaken Down
steam-api.kenrich.io
18 VTTaken Down
steam.tzevania.com
18 VTTaken Down
steamcomunnity.cc
18 VTTaken Down
usdtmixer.to
18 VTTaken Down
walletverifyauth.com
18 VTTaken Down
www-telegram.ing
18 VTTaken Down
www.3011m3011.com
18 VTTaken Down
amparadapp.live
17 VTTaken Down
bananagun-io.com
17 VTTaken DownAngel Drainer
edge-vaultura.com
17 VTTaken Down
eth-mixers.to
17 VTTaken Down
fndedtrdplus.com
17 VTTaken Down
hellobitd.com
17 VTTaken Down
ledger-live-secure.com
17 VTTaken Down
ledgerprovisionlive.com
17 VTTaken Down
ledgeruserprotectlive.com
17 VTTaken Down
ledgerusersupportlive.com
17 VTTaken Down
mtamsaklohgin.webflow.io
17 VTTaken Down
muse-apple.netlify.app
17 VTLive
netflix-gpt-609e2.firebaseapp.com
17 VTTaken Down
onlydotas2.hop.ru
17 VTTaken Down
pub-35312b95baf4482f8dd1d6c35e6943a1.r2.dev
17 VTTaken Down
pub-a77375725cbe4ebebbbb725baa062262.r2.dev
17 VTTaken Down
stackrectify.com
17 VTTaken Down
suite.tem3.io
17 VTTaken Down
tetheraudit-bot.com
17 VTTaken Down
tronssan.github.io
17 VTLive
twitchdrops.cc
17 VTTaken Down
uniswap30.vip
17 VTTaken DownWallet Connect Abuse
web.pancake.run
17 VTLiveWallet Connect Abuse
762359-coinbase.com
16 VTTaken Down
aa.stnred2.sa.com
16 VTTaken Down
1 2 3 4 ... Next »

Detection Trends

Monthly domain volume, kill rate, and live threats over time.

Monthly Detected Domains

Kill Rate %

Explore More

Related intelligence pages and data feeds.

Domain Hub

107,732+ domains with security reports

Live Threats

14,744 phishing sites still online

DestroyList on GitHub

Open-source daily phishing domain feeds

About PhishDestroy

Independent anti-phishing threat intelligence