# angelonia.my.id — MALICIOUS — Crypto Drainer (Angel Drainer)

> angelonia.my.id is a high-risk crypto drainer site detected by VirusTotal (1/95). This domain is actively impersonating legitimate services to steal.

## Summary

PhishDestroy identifies angelonia.my.id as a HIGH-RISK crypto drainer site actively distributing the Angel Drainer malware kit. This domain poses an immediate threat to cryptocurrency holders, as it is designed to silently drain digital assets from victim wallets upon interaction. The operation is likely automated, with a focus on deception through spoofed interfaces or fake services. Users who connect wallets or enter credentials risk irreversible financial loss. Given the active status and drainer toolkit deployment, this domain should be treated as malicious with no legitimate use case.

This domain was flagged by 1 out of 95 VirusTotal security vendors and resolves to IP address 188.114.96.3. It is registered through PT Web Media Technology Indonesia and was created on March 08, 2026. The presence of a Let's Encrypt SSL certificate does not indicate trustworthiness, as threat actors commonly use free certificates to appear legitimate. The Angel Drainer toolkit, identified in this campaign, is a known JavaScript-based malware used to intercept and divert cryptocurrency transactions in real time. There is no evidence this domain has been added to public blocklists yet, but its recent creation and low detection rate suggest it is in an early deployment phase.

To mitigate risk: avoid visiting or interacting with angelonia.my.id under any circumstances. Never connect wallets, enter private keys, or approve transactions prompted by this site. If you suspect exposure, revoke any unauthorized wallet connections immediately using tools like WalletConnect or blockchain explorers. Report this domain to your antivirus provider, browser vendor, and platform security teams using the unique seed a716bb for tracking.
Share IOCs (188.114.96.3, a716bb) with threat intelligence communities to help block further propagation. Stay vigilant—crypto drainers evolve rapidly, and even newly registered domains can deliver devastating payloads within hours of going live.

## Threat Details

- Verdict: MALICIOUS — Crypto Drainer (Angel Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Angel Drainer

## Domain Intelligence

- Registered: 2026-03-08 01:39:28
- Registrar: PT Web Media Technology Indonesia
- IP: 188.114.96.3

## Detection Status

- VirusTotal: 1 vendor flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/9ba75fab-4fa5-430b-9ff8-0932c5df2100
- PhishDestroy: https://phishdestroy.io/domain/angelonia.my.id/
- LLM endpoint: https://phishdestroy.io/domain/angelonia.my.id/llm.txt

## If You Visited This Site

1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/angelonia.my.id/

Last updated: 2026-03-23