# akt.airdropsalert.app — MALICIOUS

> Akt.airdropsalert.app is a high-risk crypto drainer domain flagged for social engineering. Avoid interacting with it to protect your digital assets.

## Summary
PhishDestroy has identified akt.airdropsalert.app as a high-risk crypto drainer domain. Classified under the crypto drainer threat category, this domain was designed to illicitly capture users’ cryptocurrency credentials or wallets. The page title mimics a legitimate service by using "Google" as a lure, attempting to deceive victims into trusting the site before stealing their crypto assets.

Technical analysis reveals that akt.airdropsalert.app was registered using Cloudflare, Inc. and resolves to the IPv6 address 2607:f8b0:4004:c1d::6a, linked with Google infrastructure. Despite this, VirusTotal analysis highlights 16 security vendors flagging the domain, while Google Safe Browsing categorizes it under SOCIAL_ENGINEERING. Additionally, it appears on two notable security blocklists, underscoring its malicious intent within the crypto fraud landscape.

Currently, the domain akt.airdropsalert.app has been taken offline, reducing immediate risk. PhishDestroy recommends users avoid any interaction with this domain and remain cautious of similar sites posing as legitimate platforms. Security teams should monitor blocklists and threat intelligence feeds to ensure protection against potential resurgence or variant domains using similar tactics. This analysis uses unique seed ee5019 to ensure distinct phrasing and detailed reporting.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Scam type: Airdrop Scam
- Page title: Google

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 2607:f8b0:4004:c1d::6a
- IP Country: US
- IP City: Washington
- IP Org: AS15169 Google LLC
- Nameservers: NS_NOT_FOUND
- SSL Issuer: none

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ae674-b822-71a9-abbd-1c77518f254c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/aa2fe939-1399-4350-b9aa-dd3b6c547712
- PhishDestroy: https://phishdestroy.io/domain/akt.airdropsalert.app/
- LLM endpoint: https://phishdestroy.io/domain/akt.airdropsalert.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/akt.airdropsalert.app/
Last updated: 2026-03-19