# azyll.github.io — MALICIOUS

> azyll.github.io operates as a crypto drainer impersonating GitHub projects. VirusTotal flags 10/95 security vendors. Avoid entering crypto wallets.

## Summary
PhishDestroy identifies azyll.github.io as a live crypto drainer hosted on GitHub Pages, deploying malicious scripts under the guise of legitimate open-source repositories. The site masquerades as popular projects to trick users into connecting crypto wallets, then silently siphons assets via unauthorized transactions. Technical analysis shows the domain leverages GitHub’s free hosting tier to evade traditional takedowns, making it a high-risk threat to cryptocurrency users.  This domain resolves to IP 185.199.111.153 and is registered through GitHub, Inc. with a Let’s Encrypt SSL certificate. According to VirusTotal, 10 out of 95 security vendors flagged this domain, and Google Safe Browsing lists it under SOCIAL_ENGINEERING. The seed azyll.github.io points to a recently active campaign, with no publicly documented creation date or historical blocklist activity beyond the current alerts.  Current status remains active, with no evidence of takedown or mitigation. Users should treat this domain as hostile, avoid all interactions, and report the site to GitHub Abuse and Safe Browsing. Remaining risk is high due to GitHub’s persistent hosting and lack of immediate remediation, leaving wallet owners exposed to ongoing theft.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.111.153

## Detection Status
- VirusTotal: 10 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/98947f42-b52a-4638-a1e5-f8fd7f5a3f04
- PhishDestroy: https://phishdestroy.io/domain/azyll.github.io/
- LLM endpoint: https://phishdestroy.io/domain/azyll.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/azyll.github.io/
Last updated: 2026-03-23