# binance-red-packet.vercel.app — MALICIOUS

> Domain binance-red-packet.vercel.app is an active crypto drainer impersonating Binance. 10/95 VirusTotal detections flag this site as malicious. Do not interact.

## Summary
PhishDestroy identifies the domain binance-red-packet.vercel.app as an active crypto drainer impersonating the Binance brand. This site is part of a cryptocurrency scam campaign that deploys malicious JavaScript to siphon funds from victims’ wallets during red packet or airdrop transactions. The domain closely mirrors Binance’s legitimate offerings, using urgency (“red packet”) to lure users into connecting their wallets and approving fraudulent transactions.


This domain was flagged by PhishDestroy during active monitoring. Technical analysis reveals a VirusTotal detection ratio of 10 out of 95 security vendors, indicating partial but significant recognition of malicious intent. The site is registered via Vercel Inc., resolving to IP address 216.198.79.131, and is secured with a Google Trust Services SSL certificate. The domain was created recently and has already been listed on multiple threat intelligence blocklists, though it remains active and accessible. Current Google Safe Browsing status is not confirmed as safe.


As of this assessment, the domain remains active and represents an elevated risk to cryptocurrency users, particularly those expecting Binance-branded rewards. Immediate action is recommended to block access at the network or endpoint level using the IP and domain indicators. Users should avoid any interaction, including clicking, connecting wallets, or entering credentials. This domain should be reported to relevant authorities and security vendors for rapid takedown. While the domain infrastructure may be disrupted, threat actors often re-emerge with variations, so continued vigilance is essential.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Binance

## Domain Intelligence
- Registrar: Vercel Inc.
- IP: 216.198.79.131

## Detection Status
- VirusTotal: 10 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0f02b34f-ac33-4796-a423-7e68744a935c
- PhishDestroy: https://phishdestroy.io/domain/binance-red-packet.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/binance-red-packet.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/binance-red-packet.vercel.app/
Last updated: 2026-03-26