# bonk-claims.info — MALICIOUS

> bonk-claims.info is a high-risk crypto drainer domain. Taken offline after being flagged. Check your security and avoid this site to protect assets.

## Summary
PhishDestroy identifies bonk-claims.info as a high-risk crypto drainer domain designed to steal cryptocurrency assets from unsuspecting users. The domain was registered on February 21, 2026, and is linked to malicious activity targeting crypto holders by masquerading as a claims or rewards platform. Its primary objective was to deceive victims into divulging private keys or transferring funds, resulting in financial losses.

Technical analysis reveals that bonk-claims.info was registered through a now-defunct registrar, indicating poor infrastructure hygiene. VirusTotal reports flagged it by 15 out of 95 security engines, and the domain appeared on four major security blocklists, confirming its malicious reputation. The domain's hosting environment was typical for crypto-drainer campaigns, utilizing short-lived infrastructure likely to evade long-term detection.

Currently, bonk-claims.info is offline and no longer accessible. Despite this, potential victims should remain vigilant as similar campaigns may emerge using alternate domains. PhishDestroy recommends users avoid interacting with suspicious crypto claim sites, employ strong endpoint protection, and verify URLs before transacting. Regularly updating security software and consulting threat intelligence feeds can help mitigate exposure to crypto-draining threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: APP Sign in

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Sav.com, LLC
- Country: US
- IP: 208.115.234.114
- IP Country: US
- IP City: New York City
- IP Org: AS46475 Limestone Networks, Inc.
- Nameservers: ["ns1.all-harmless.domains", "ns2.all-harmless.domains"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a9768-13d5-709e-a685-a0061cdc5a2f.png
- PhishDestroy: https://phishdestroy.io/domain/bonk-claims.info/
- LLM endpoint: https://phishdestroy.io/domain/bonk-claims.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bonk-claims.info/
Last updated: 2026-03-19