# banitcamp.com — MALICIOUS > PhishDestroy identifies banitcamp.com as an active phishing domain. 6/95 VirusTotal vendors flag this NICENIC-registered site created Feb 2025. ## Summary PhishDestroy identifies banitcamp.com as an active phishing domain targeting users with counterfeit login portals. This site was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on February 08, 2025, and currently resolves to IP 172.67.163.16. Let’s Encrypt provides its SSL certificate, giving a false air of legitimacy to potential victims. The elevated risk stems from its recent creation combined with active distribution via phishing campaigns aimed at stealing login credentials and financial data. PhishDestroy’s investigation reveals this domain has been flagged by 6 of 95 VirusTotal security vendors, indicating detectable malicious behavior across multiple analysis engines. The combination of a newly registered domain, low VirusTotal coverage, and the use of a trusted SSL issuer creates a high-risk threat vector. The domain’s creation date in February 2025 suggests a recent launch, which is common for phishing operations seeking to exploit brand-new domains before they are widely blacklisted. The registrar NICENIC INTERNATIONAL GROUP CO., LIMITED has been associated with high volumes of domain registrations linked to phishing and malware campaigns. This domain’s infrastructure—hosted on 172.67.163.16, a server known for hosting malicious content—further corroborates its malicious intent. With only 6 of 95 security vendors detecting it at the time of analysis, users are unlikely to be protected by real-time browser warnings alone. Organizations and individual users should immediately block banitcamp.com at the network and endpoint levels using domain reputation filters and firewall rules. If you have visited this domain, cease interaction immediately, clear browser cookies and cached credentials for the site, and run a full antivirus scan. Report the domain to your email provider, security team, and platforms such as Google Safe Browsing, PhishTank, or the Anti-Phishing Working Group. If you entered credentials, change passwords immediately and enable multi-factor authentication on all related accounts. Monitor financial accounts for unauthorized transactions and be alert for follow-up phishing attempts leveraging stolen data. Proactively share threat intelligence about this domain with trusted cybersecurity networks to prevent further victimization. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-02-08 19:01:14 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.163.16 ## Detection Status - VirusTotal: 6 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/03ae138e-aae0-483e-a1d1-1f392a39281b - PhishDestroy: https://phishdestroy.io/domain/banitcamp.com/ - LLM endpoint: https://phishdestroy.io/domain/banitcamp.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/banitcamp.com/ Last updated: 2026-03-29