# binanceairdrop.sbs — SUSPICIOUS

> Security researchers have identified binanceairdrop.sbs as a malicious phishing site masquerading as Binance. The domain attempts to harvest crypto wallet credentials through a fake interface. This threat has been added to multiple blocklists for community protection.

## Summary
Threat Overview
The domain binanceairdrop.sbs has been identified as a phishing website designed to impersonate Binance. This malicious site targets cryptocurrency users by creating a convincing replica of the legitimate Binance platform.
Attack Vector
The phishing site attempts to trick users into connecting their wallets or entering their seed phrases and private keys. Once captured, the attackers use these credentials to drain victims' cryptocurrency holdings.
Risk Indicators

- Domain registered on a suspicious TLD (sbs)
- Contains brand keywords associated with Binance
- Domain length: 18 characters
- Uses a TLD frequently associated with malicious domains
- Vt Detected
- Drainer Detected

Recommendations
Always access Binance through the official website. Never enter your seed phrase or private keys on any website. Use hardware wallets for additional security.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Scam type: Airdrop Scam
- Target brand: Binance
- Page title: Binance Airdrop - Claim Your Free Crypto Tokens

## Domain Intelligence
- Registered: 2025-07-23 10:36:15
- Expires: 2026-07-23 23:59:59
- Registrar: ERANET INTERNATIONAL LIMITED
- Country: CN
- IP: 104.21.112.1
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: molly.ns.cloudflare.com roman.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198f498-d1de-7293-acb3-21493ce54565.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1afa52ab-11d9-4a7a-8170-a294cbc60382
- Wayback Machine: https://web.archive.org/web/https://binanceairdrop.sbs
- PhishDestroy: https://phishdestroy.io/domain/binanceairdrop.sbs/
- LLM endpoint: https://phishdestroy.io/domain/binanceairdrop.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/binanceairdrop.sbs/
Last updated: 2026-03-19