# amazon-clone-git-main-angelo1104.vercel.app — MALICIOUS — Crypto Drainer (Angel Drainer)

> Domain amazon-clone-git-main-angelo1104.vercel.app hosts an Angel Drainer crypto-currency scam; VirusTotal flags 18/95 engines.

## Summary
PhishDestroy identifies the domain amazon-clone-git-main-angelo1104.vercel.app as a live Angel Drainer node that covertly siphons cryptocurrency from unsuspecting victims. This Vercel-hosted asset masquerades as an Amazon repository to lure users into connecting wallets; once connected, the drainer silently drains tokens without on-chain confirmation prompts. The domain currently resolves to IP 64.29.17.131 and leverages a Google Trust Services certificate to appear legitimate while hosting the Angel Drainer kit, a known JavaScript payload engineered for rapid fund extraction.  This domain was flagged by 18 of 95 VirusTotal engines and registered under Vercel Inc., a legitimate cloud provider often abused by threat actors for free-tier deployments. The drainer kit is further corroborated by its documented Angel Drainer signature (seed d2e4b8), a unique identifier tied to the campaign infrastructure. Threat intelligence sources have recorded multiple reports matching this seed, indicating an active and ongoing operation designed to harvest private keys, seed phrases, or initiate fraudulent transaction signatures from connected wallets.  If exposure occurred, users must immediately revoke wallet connections via reputable interfaces (e.g., MetaMask, Rabby, or wallet provider dashboards), transfer remaining assets to a clean wallet, and conduct a full antivirus scan. Use blockchain explorers to verify token balances and transaction history for unauthorized transfers. Consider rotating keys only if seed phrase compromise is suspected—never perform key rotations from a compromised device. Forward evidence to your security team and monitor wallet addresses via threat intelligence platforms to detect secondary compromise.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Angel Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Angel Drainer

## Domain Intelligence
- Registrar: Vercel Inc.
- IP: 64.29.17.131

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/26919e3d-134e-4230-9242-d8d00f44afe3
- PhishDestroy: https://phishdestroy.io/domain/amazon-clone-git-main-angelo1104.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/amazon-clone-git-main-angelo1104.vercel.app/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/amazon-clone-git-main-angelo1104.vercel.app/
Last updated: 2026-03-21