# bitfghurt-login.webflow.io — SUSPICIOUS

> Domain bitfghurt-login.webflow.io is a crypto drainer credential theft page with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies bitfghurt-login.webflow.io as an active credential theft domain designed to impersonate Bitfghurt, a legitimate cryptocurrency platform. The site mimics official login pages to trick users into surrendering credentials, which may then be abused to drain wallets or hijack accounts. The attack leverages a webflow.io subdomain to add perceived legitimacy while hosting a fraudulent interface that captures entered credentials. Users should treat any unexpected login prompts from this domain as malicious, even if it appears superficically similar to real services.


This domain was flagged by PhishDestroy after analysis revealed 0 detections out of 95 on VirusTotal as of current scanning, indicating it remains undetected by most antivirus engines. It resolves to IP 172.64.151.8 and uses a Google Trust Services SSL certificate to appear secure. The domain was registered recently and uses Webflow’s hosting platform to disguise its malicious nature. Despite its polished appearance, the intent is clearly to harvest login credentials under false pretenses.


If you visited bitfghurt-login.webflow.io and entered any credentials, immediately change passwords on all related accounts, enable two-factor authentication, and revoke any wallet approvals or API keys granted to suspicious domains. Scan your device for malware using a reputable antivirus tool, as stolen credentials may be used for follow-on attacks. Report the domain to your security team and avoid interacting with similar login prompts in the future to prevent credential theft or cryptocurrency loss.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/bitfghurt-login.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/bitfghurt-login.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/bitfghurt-login.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bitfghurt-login.webflow.io/
Last updated: 2026-04-05