# azuki.lat — SUSPICIOUS

> PhishDestroy warns azuki.lat is a crypto drainer active since March 2026. VirusTotal flags 1/95 vendors—avoid this domain and verify now.

## Summary
PhishDestroy identifies azuki.lat as an elevated-risk crypto drainer domain created on March 19, 2026, specifically designed to steal cryptocurrency from unsuspecting users. This site impersonates legitimate NFT projects under the Azuki brand, luring victims with fake minting opportunities or wallet connections that drain funds directly from connected wallets.  This domain was flagged by VirusTotal with just 1 out of 95 security vendors detecting it, yet its active status and fraudulent design pose a clear threat. It resolves to IP 104.21.4.189 and was registered through PDR Ltd. d/b/a PublicDomainRegistry.com, a registrar often exploited by threat actors for short-lived malicious domains.  If you visited azuki.lat, disconnect your wallet immediately and revoke any suspicious permissions via your wallet’s settings or tools like Revoke.cash. Do not interact further with this domain or any linked pages. Report the domain to PhishDestroy and your wallet provider to prevent further fraud.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-19 07:22:28
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 104.21.4.189

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/829b0cd5-7d23-4836-ada6-6efe81eff4db
- PhishDestroy: https://phishdestroy.io/domain/azuki.lat/
- LLM endpoint: https://phishdestroy.io/domain/azuki.lat/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/azuki.lat/
Last updated: 2026-03-20