# agroprojectsdeveloserverice.appwrite.network — MALICIOUS > PhishDestroy identifies agroprojectsdeveloserverice.appwrite.network as a crypto drainer phishing site. It was flagged by 16/95 VirusTotal security vendors. ## Summary PhishDestroy has flagged agroprojectsdeveloserverice.appwrite.network as an active crypto drainer phishing site designed to steal cryptocurrency from unsuspecting users. This domain mimics legitimate services—specifically targeting the appwrite.network ecosystem—in an attempt to trick victims into connecting their wallets or entering seed phrases. Security researchers confirmed this domain resolves to 151.101.3.52 and is served over an SSL certificate issued by Certainly, adding false legitimacy to fraudulent transactions. The domain follows a pattern known to distribute programmable scripts that drain connected wallets by intercepting and approving unauthorized transfers without user confirmation. This domain shows clear signs of malicious intent and operational maturity. Security vendors have widely detected its threat: 16 out of 95 VirusTotal engines flagged it as malicious or suspicious, indicating elevated risk. The domain was created with the intent to exploit trust in the appwrite.network brand, a widely used backend platform for app developers. While specific registration details are not publicly disclosed, the presence of a valid SSL certificate and consistent hosting on AS54113 (Fastly) highlights the threat actor's effort to evade basic browser-level warnings. This combination of evasion techniques and active targeting of crypto users raises the risk level from elevated to high, particularly for individuals interacting with web3 applications or developer tools. Any user who has visited agroprojectsdeveloserverice.appwrite.network should take immediate action to protect their digital assets. Disconnect any connected wallets immediately, revoke any unauthorized token approvals through blockchain explorers like Etherscan or BscScan, and run antivirus scans on all devices used for crypto transactions. Do not enter private keys, seed phrases, or wallet passwords on any page linked to this domain. Report suspicious activity to your wallet provider and relevant blockchain security teams. If your funds were drained, file a report with local law enforcement and consider reaching out to cybercrime units such as the FBI IC3 or your local cybercrime unit. Remain vigilant, as such domains often appear in phishing emails, fake ads, or impersonated developer tools. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 151.101.3.52 ## Detection Status - VirusTotal: 16 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e88f206e-212c-403e-b6a9-351621b1b6c2 - PhishDestroy: https://phishdestroy.io/domain/agroprojectsdeveloserverice.appwrite.network/ - LLM endpoint: https://phishdestroy.io/domain/agroprojectsdeveloserverice.appwrite.network/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/agroprojectsdeveloserverice.appwrite.network/ Last updated: 2026-03-23