# apple-secure.cloud — MALICIOUS

> apple-secure.cloud mimics Apple services and poses a high brand impersonation risk. The domain is offline; avoid any interaction.

## Summary
PhishDestroy identifies apple-secure.cloud as a high-risk brand impersonation domain targeting Apple, using the page title 'iCloud' to deceive users. The domain was created recently on January 04, 2026, and registered via Porkbun LLC.

Technical indicators include a resolution to IP 172.67.153.224 and detection by 16 out of 95 VirusTotal security vendors. It appears on one security blocklist and is referenced in an AlienVault OTX threat pulse, signaling active malicious use in the wild.

Currently, apple-secure.cloud is taken offline, mitigating immediate threats. Users are advised to remain vigilant against similar domains, and security teams should monitor related infrastructure for reemergence or associated phishing campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Apple
- Page title: iCloud

## Domain Intelligence
- Registered: 2026-01-04 00:00:00
- Expires: 2027-01-04 00:00:00
- Registrar: Porkbun LLC
- Country: US
- IP: 172.67.153.224
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: maisie.ns.cloudflare.com renan.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b87db-dbc8-72ce-8e5a-a9d1d0c59367.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1b5f7cdf-d324-4227-89a6-88249cff5113
- PhishDestroy: https://phishdestroy.io/domain/apple-secure.cloud/
- LLM endpoint: https://phishdestroy.io/domain/apple-secure.cloud/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/apple-secure.cloud/
Last updated: 2026-03-19