# audittron.io — MALICIOUS

> Avoid audittron.io, a phishing site impersonating Bybit. Stay safe by not entering credentials and verify URLs before proceeding.

## Summary
PhishDestroy identifies audittron.io as a medium-risk brand impersonation threat targeting Bybit users. This domain was designed to deceive visitors by mimicking Bybit’s branding and page title "Bybit Audit," potentially aiming to steal sensitive information.

Supporting intelligence reveals audittron.io was registered through Dynadot LLC on February 21, 2026, and currently resolves to IP 172.67.150.43. The domain appeared on one security blocklist and was flagged by 8 out of 95 VirusTotal security vendors, confirming suspicious activity consistent with phishing operations.

Currently taken offline, audittron.io no longer resolves, reducing immediate risk. Users are advised to remain vigilant by verifying URLs and avoiding input of credentials on suspicious sites. PhishDestroy continues to monitor for any reactivation or similar threats targeting Bybit’s brand.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Bybit
- Page title: Bybit Audit

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dynadot LLC
- Country: US
- IP: 172.67.150.43
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["alla.ns.cloudflare.com", "milan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 8 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "Seclookup", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198f191-cae9-721a-93d6-67c794a8d37a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/bf3b9280-d5f3-4c80-bf3a-64ea8b9c1e95
- PhishDestroy: https://phishdestroy.io/domain/audittron.io/
- LLM endpoint: https://phishdestroy.io/domain/audittron.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/audittron.io/
Last updated: 2026-03-19