# auth-card.com — MALICIOUS

> auth-card.com is a crypto drainer impersonating Cardano wallets. 5/95 VirusTotal detects this domain—verify URLs at PhishDestroy before entering credentials.

## Summary
PhishDestroy identifies auth-card.com as an active crypto-draining phishing domain created on March 15, 2026, designed to siphon assets from unsuspecting Cardano wallet owners.

This domain resolves to IP 64.89.161.63 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal flagged it at 5/95 detection vendors as of seed f58a93, indicating moderate but noteworthy threat recognition. The recent March 2026 creation date suggests a rapid-deployment campaign targeting Cardano users during the current market cycle.

At the time of assessment, auth-card.com remains live and unblocked on major browsers. PhishDestroy recommends immediate blacklisting of the domain and IP 64.89.161.63, along with a global blocklist count of 95 detections to mitigate ongoing exposure. Users are advised to verify wallet-related URLs against PhishDestroy’s real-time database before any interaction to prevent irreversible crypto losses.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: auth-card.com

## Domain Intelligence
- Registered: 2026-03-15 12:15:33
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 64.89.161.63

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e7982797-de59-43c7-82ef-789d76da89d3
- PhishDestroy: https://phishdestroy.io/domain/auth-card.com/
- LLM endpoint: https://phishdestroy.io/domain/auth-card.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/auth-card.com/
Last updated: 2026-03-23