# bcawala2025-glitch.github.io — MALICIOUS

> bcawala2025-glitch.github.io is an active credential theft domain flagged by 8 of 95 VirusTotal vendors. Users should avoid providing login details.

## Summary
bcawala2025-glitch.github.io is involved in a credential theft campaign designed to harvest sensitive user login information by impersonating trusted entities. This domain's primary threat lies in deceiving users into submitting personal credentials, potentially leading to unauthorized access and identity compromise.

This domain is registered through GitHub, Inc. and leverages GitHub Pages hosting. VirusTotal analysis shows that 8 out of 95 security vendors flag this domain as malicious, underscoring its elevated risk status. It resolves to the IP address 185.199.108.153 and uses a Let's Encrypt SSL certificate, which may lend a false sense of trust to victims. The domain remains active and is not currently listed on major blocklists beyond the VirusTotal detections.

Users who have visited bcawala2025-glitch.github.io and entered any login credentials should immediately change their passwords for affected accounts and monitor for suspicious activity. It is advised to avoid interacting with any links or forms hosted on this domain. Security teams should consider blocking access at the network level and educating users about the dangers of credential theft sites masquerading behind legitimate platforms like GitHub Pages.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/56bd296a-48bb-431b-967e-cd86768d3f02
- PhishDestroy: https://phishdestroy.io/domain/bcawala2025-glitch.github.io/
- LLM endpoint: https://phishdestroy.io/domain/bcawala2025-glitch.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bcawala2025-glitch.github.io/
Last updated: 2026-03-29