# castlecrashers.fun — SUSPICIOUS

> PhishDestroy identifies castlecrashers.fun as a brand impersonation domain hosting a credential theft campaign. VT shows 0/95 detections.

## Summary
PhishDestroy has flagged castlecrashers.fun as an active brand impersonation domain suspected of hosting a credential theft campaign. The site masquerades as Castle Crashers, a popular indie game, to trick users into revealing login credentials or payment details. Initial risk is under investigation but remains classified as active due to the domain's recent registration and suspicious infrastructure.


This domain resolves to IP 172.67.141.102 and was registered on March 26, 2024 through HOSTINGER operations, UAB. While VirusTotal currently shows 0/95 detections—indicating it has evaded immediate automated detection—its use of a Let’s Encrypt SSL certificate and clean initial scan suggest an evolving threat. The combination of a newly minted domain, hosting affiliate infrastructure, and impersonation of a trusted brand creates a significant risk profile for unsuspecting users.


To mitigate exposure, avoid interacting with castlecrashers.fun and report the domain to your email provider, browser, and local cybersecurity teams. Validate official channels (e.g., steam.com/castlecrashers) before entering any credentials. Enable two-factor authentication on gaming and payment accounts linked to Castle Crashers. Monitor financial statements and change passwords immediately if you suspect interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-26 08:10:38
- Registrar: HOSTINGER operations, UAB
- IP: 172.67.141.102

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7987a171-0873-4b73-9e99-a8858f23a045
- PhishDestroy: https://phishdestroy.io/domain/castlecrashers.fun/
- LLM endpoint: https://phishdestroy.io/domain/castlecrashers.fun/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/castlecrashers.fun/
Last updated: 2026-03-26