# apy-bnb.net — SUSPICIOUS

> apy-bnb.net is a crypto drainer scam mimicking Binance; avoid entering credentials. Check safety on PhishDestroy. Detected by 2/95 VirusTotal engines.

## Summary
PhishDestroy identifies apy-bnb.net as an active crypto drainer scam designed to steal cryptocurrency assets from unsuspecting users. This malicious domain impersonates Binance, a globally recognized cryptocurrency exchange, and has been engineered to trick visitors into connecting their wallets or entering sensitive login credentials. The domain employs deceptive tactics such as fake promotions, urgent alerts, or cloned interfaces to lure victims into authorizing malicious transactions that drain their crypto holdings. Security researchers have classified this threat as an elevated risk due to its active infrastructure and the potential for significant financial loss. Users interacting with this domain are strongly advised to revoke any unauthorized wallet connections immediately and transfer remaining assets to a secure wallet.  This domain was flagged by multiple security vendors and blocklists, confirming its malicious intent. According to intelligence gathered, apy-bnb.net was registered on June 11, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar known to host numerous malicious domains. The domain resolves to IP address 185.114.96.3 and holds a valid SSL certificate issued by Google Trust Services, which may lend it an air of legitimacy to bypass user skepticism. VirusTotal reports that 2 out of 95 security engines detected this domain as malicious, while it appears on 1 confirmed blocklist. The domain’s recent creation date suggests it is a newly deployed threat, likely targeting current crypto market trends or events to maximize its effectiveness.  If you have visited apy-bnb.net, take immediate action to secure your assets and personal information. Disconnect your wallet from any suspicious websites using your wallet’s interface or a reputable blockchain explorer. If you entered your Binance credentials or connected your wallet, change your Binance account password immediately and enable two-factor authentication. Revoke any unauthorized smart contract approvals or token permissions through tools like Etherscan’s ‘Token Approvals’ or similar services for your blockchain. Scan your devices for malware using trusted antivirus software, as some drainers install spyware to capture additional credentials. Report the domain to PhishDestroy and your local cybersecurity authorities to help prevent others from falling victim to this scam.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-06-11 23:06:35
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5636340b-c52a-4ba9-888e-4e1037b88fdc
- PhishDestroy: https://phishdestroy.io/domain/apy-bnb.net/
- LLM endpoint: https://phishdestroy.io/domain/apy-bnb.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/apy-bnb.net/
Last updated: 2026-03-27