# bitmmatalogi.webflow.io — MALICIOUS

> bitmmatalogi.webflow.io impersonates financial brands to deliver credential-stealing malware. 19 of 95 VirusTotal vendors detected it.

## Summary

PhishDestroy identifies bitmmatalogi.webflow.io as an active, elevated-risk domain engaged in generic phishing activity designed to harvest login credentials and financial data from unsuspecting users. The site operates under a fraudulent guise, exploiting consumer trust to mimic legitimate financial institutions or cryptocurrency services. This domain currently poses an active threat to individuals and organizations interacting with its malicious content.

bitmmatalogi.webflow.io was flagged by 19 of 95 VirusTotal security vendors at the time of analysis, indicating substantial recognition of its malicious intent within the cybersecurity community. The domain resolves to IP address 172.64.151.8 and is secured with an SSL certificate issued by Google Trust Services, a tactic often used to lend false legitimacy to fraudulent websites. Despite its HTTPS encryption, the domain remains untrusted due to its association with confirmed phishing campaigns.

While specific details such as registrar name, creation date, and blocklist cross-references were not available within the provided dataset, the combination of high VirusTotal detections and malicious IP resolution underscores its elevated risk profile. The presence of a Google-issued certificate suggests opportunistic misuse of trusted infrastructure rather than authentic validation, reflecting a deliberate strategy to deceive visitors. This domain is currently active and distributing malicious payloads under the guise of financial or cryptocurrency-related services.

Users are strongly advised to avoid visiting bitmmatalogi.webflow.io and to immediately remove any bookmarks or cached access points. Organizations should update firewall rules and DNS blocklists to include this domain and its hosting IP (172.64.151.8). If any interaction has already occurred, users should change passwords on all associated accounts, enable multi-factor authentication where available, and run a full antivirus scan. Report this domain to your enterprise security team, local CERT, and domain registrars like Webflow to support collective threat mitigation. Immediate action is warranted to prevent credential compromise and financial loss.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status

- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/f80ffe5d-15bb-4a32-9cd0-62871fa1fcd0
- PhishDestroy: https://phishdestroy.io/domain/bitmmatalogi.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/bitmmatalogi.webflow.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/bitmmatalogi.webflow.io/

Last updated: 2026-03-21