# app-thorupdate.live — MALICIOUS

> app-thorupdate.live is linked to credential phishing attempts. Stay vigilant and avoid sharing personal info on suspicious sites.

## Summary
PhishDestroy identifies app-thorupdate.live as an active credential phishing domain designed to deceive users into divulging login credentials. Although the risk level is currently assessed as low, such phishing campaigns potentially compromise user accounts and sensitive data, emphasizing the importance of cautious online behavior. Credential phishing remains a prevalent threat, exploiting trust to gain unauthorized access.

The domain app-thorupdate.live resolves to the IP address 188.114.96.3. VirusTotal analysis reveals that 2 out of 95 security engines flagged this domain, indicating emerging suspicion but not widespread consensus on its maliciousness. The domain’s registration details and infrastructure align with tactics frequently employed in phishing operations, including use of a somewhat obscure TLD and recent activation. These indicators warrant vigilance despite a modest threat rating.

Users encountering app-thorupdate.live should refrain from entering any personal or authentication details and report the domain to their security teams or web filters. It is recommended to verify URLs carefully and rely on official channels for software or update notifications. Maintaining updated antivirus software and using multifactor authentication can further mitigate risks tied to phishing attempts originating from domains like this.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-03-05 15:07:02
- Registrar: Dynadot LLC
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["fonzie.ns.cloudflare.com", "anastasia.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["CyRadar", "ESET", "Gridinsoft", "Kaspersky", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/JDjmy77/76ac4cb2b064.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/app-thorupdate.live
- Wayback Machine: https://web.archive.org/web/https://app-thorupdate.live
- PhishDestroy: https://phishdestroy.io/domain/app-thorupdate.live/
- LLM endpoint: https://phishdestroy.io/domain/app-thorupdate.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-thorupdate.live/
Last updated: 2026-03-19