# app-usdupdate.live — SUSPICIOUS > app-usdupdate.live poses as a software updater but is a credential phishing site. Detected by 2/95 VirusTotal scanners. ## Summary PhishDestroy identifies app-usdupdate.live as an active credential phishing domain, posing an elevated risk to users who may inadvertently disclose sensitive login information. This domain was flagged due to its direct involvement in credential phishing campaigns, specifically targeting unsuspecting users with fraudulent software update claims. Intelligence confirms this domain resolves to IP 172.67.148.64, utilizes a Let's Encrypt SSL certificate, and was registered on March 29, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal analysis shows 2 out of 95 security vendors have flagged this domain, indicating limited but notable detection. Additionally, its recent creation date and reliance on a reputable certificate authority suggest an attempt to appear legitimate while evading early detection. Credential phishing domains like app-usdupdate.live often mimic legitimate software update prompts to trick users into entering their credentials or sensitive information. Given its active status and evasion tactics, users should avoid interacting with this domain entirely. If you encounter this domain, do not click any links or provide any personal information. Immediately report the domain to your browser or security provider, and consider running a full system scan for potential malware or credential harvesting tools. For robust protection, enable multi-factor authentication on all accounts and use password managers that alert against known phishing domains. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-29 20:22:48 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.148.64 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e53b62fd-30f3-4f91-af99-4e2e4d3f221b - PhishDestroy: https://phishdestroy.io/domain/app-usdupdate.live/ - LLM endpoint: https://phishdestroy.io/domain/app-usdupdate.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/app-usdupdate.live/ Last updated: 2026-03-31