# astranovae-hub.com — MALICIOUS > Astranovae-hub.com is a LIVE crypto drainer impersonating crypto brands. 17/95 VirusTotal detections, flagged by PhishDestroy for immediate verification. ## Summary PhishDestroy identifies the active crypto drainer domain astranovae-hub.com, which poses an elevated threat due to its use of a generic phishing lure targeting cryptocurrency users. This domain, created on March 13, 2026, shows no affiliation with any legitimate entity but leverages a common drainer kit designed to siphon funds from victims' wallets upon interaction. The absence of brand impersonation details in current telemetry suggests a broader, opportunistic campaign rather than a targeted brand spoof, though this may evolve as the campaign matures. This domain resolves to IP 104.21.16.47 and is registered through Dynadot Inc. VirusTotal reports a detection ratio of 17/95 security vendors, indicating partial coverage but not universal recognition of the threat. The domain utilizes a Let's Encrypt SSL certificate, a tactic often employed to appear legitimate to unsuspecting users. As of the latest telemetry, the domain remains unlisted on Google Safe Browsing (GSB) and has not been widely blocked by major threat intelligence platforms, leaving a window of opportunity for threat actors to exploit. The domain's recent creation and active status suggest a rapidly evolving campaign with potential for expansion. The current status of astranovae-hub.com is active, with no confirmed takedown or mitigation measures in place. PhishDestroy recommends immediate verification of this domain via its threat intelligence platform to prevent exposure to this crypto drainer. Users are advised to exercise extreme caution when encountering links or advertisements promoting astranovae-hub.com or similar domains. While the immediate risk is elevated due to the domain's active status and partial detection coverage, proactive blocking and user awareness remain critical to reducing the attack surface. Remaining risk includes the potential for the domain to be weaponized further or repurposed for additional malicious activities, necessitating ongoing monitoring and rapid response efforts. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-13 06:01:39 - Registrar: Dynadot Inc - IP: 104.21.16.47 ## Detection Status - VirusTotal: 17 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7b190ea4-5bb1-4d69-b118-7d1a2dc698e1 - PhishDestroy: https://phishdestroy.io/domain/astranovae-hub.com/ - LLM endpoint: https://phishdestroy.io/domain/astranovae-hub.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/astranovae-hub.com/ Last updated: 2026-04-13