# bybitan.com — SUSPICIOUS

> PhishDestroy flags bybitan.com as a crypto drainer that impersonates Bybit. Domain created Feb 6 2026, VirusTotal score 0/95, registrar GoDaddy.

## Summary
PhishDestroy identifies bybitan.com as an active brand-impersonation site that mimics the global cryptocurrency exchange Bybit. When loaded in a browser, the page displays look-alike login and deposit interfaces designed to trick visitors into entering wallet credentials or scanning malicious blockchain transaction QR codes, which can drain funds from connected wallets. Because the domain is still new and currently undetected by most antivirus engines, it poses an elevated risk to users searching for legitimate Bybit services.  Bybitan.com was registered through GoDaddy.com, LLC on February 6, 2026, and resolves to IP address 47.245.59.109. At the time of analysis it holds a valid Let’s Encrypt SSL certificate, giving it a false veneer of legitimacy. Independent scans on VirusTotal show a current detection ratio of 0 out of 95 engines, indicating that mainstream scanners have not yet flagged the site. These technical markers, combined with the domain’s short age and targeted mimicry of Bybit, point to a recently activated crypto-draining campaign aimed at unsuspecting traders.  If you visited bybitan.com or entered any information, disconnect your wallet immediately and scan your device with updated antivirus software. Do not approve any unexpected blockchain transactions or re-enter credentials on the site. Verify every cryptocurrency-related link against the official Bybit domain—bybit.com—before clicking. Report the suspicious domain to PhishDestroy so the community remains protected as new threats emerge.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Bybit

## Domain Intelligence
- Registered: 2026-02-06 00:57:17
- Registrar: GoDaddy.com, LLC
- IP: 47.245.59.109

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/bybitan.com
- PhishDestroy: https://phishdestroy.io/domain/bybitan.com/
- LLM endpoint: https://phishdestroy.io/domain/bybitan.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bybitan.com/
Last updated: 2026-04-07