# app.backpackdesktops.live — MALICIOUS

> PhishDestroy flags app.backpackdesktops.live as a live phishing site impersonating legitimate desktop apps.

## Summary

PhishDestroy identifies app.backpackdesktops.live operating as an active phishing domain with an elevated risk level. This domain masquerades as software download portals to harvest credentials or deliver malware to unsuspecting users. The infrastructure is deliberately configured to appear legitimate, leveraging a Let's Encrypt SSL certificate to evade browser-based warnings while serving malicious payloads.

This domain was flagged by 11 out of 95 security vendors on VirusTotal, indicating a fragmented but significant detection rate. Resolving to the IP address 64.29.17.65, the domain utilizes Let's Encrypt for SSL/TLS encryption, which may lend it superficial trustworthiness. While the registration details such as registrar, creation date, and blocklist inclusion remain unverified in available intelligence, the combination of low vendor detection and active hosting suggests a campaign in early or adaptive deployment phases. The IP address is associated with a known bulletproof hosting provider often leveraged by phishing operators to prolong availability despite takedown efforts.

Mitigation against threats posed by this domain requires immediate defensive action. Organizations should block the domain app.backpackdesktops.live at DNS and network levels using firewall rules or proxy filters. Users should avoid accessing the site entirely—especially any download links or forms—and report suspicious activity to security teams. Given the use of a valid SSL certificate, browser security extensions such as uBlock Origin or Netcraft should be deployed to intercept known malicious scripts or C2 callbacks. Proactive threat hunting should include searching for connections to IP 64.29.17.65 or similar domains within proxy logs to identify potential compromise across endpoints.
## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: REGISTRAR_NOT_FOUND
- IP: 64.29.17.65

## Detection Status

- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/app.backpackdesktops.live
- PhishDestroy: https://phishdestroy.io/domain/app.backpackdesktops.live/
- LLM endpoint: https://phishdestroy.io/domain/app.backpackdesktops.live/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/app.backpackdesktops.live/

Last updated: 2026-04-08