# casultra.com — MALICIOUS > casultra.com is a confirmed crypto drainer phishing site with 6/95 VirusTotal detections. Users risk wallet theft if wallets are connected. ## Summary PhishDestroy identifies casultra.com as an active crypto drainer phishing campaign designed to steal cryptocurrency from unwary users. This domain masquerades as a legitimate service to trick victims into connecting their digital wallets, whereupon malicious scripts drain funds. The campaign exploits trust in familiar branding and leverages a fraudulent SSL certificate issued by Google Trust Services to appear authentic, increasing the risk of successful compromise. This domain was flagged by 6 out of 95 VirusTotal security vendors, indicating a moderate but elevated threat level. Investigation shows the domain was registered recently and has not yet been widely blocklisted, increasing its likelihood of luring unsuspecting users. The combination of a high-risk detection rate, misleading SSL trust, and active deployment suggests a targeted and ongoing campaign likely aimed at crypto investors and DeFi participants. Users who have visited casultra.com or interacted with its pages should immediately disconnect any connected wallets, revoke any granted permissions through their wallet interface, and scan their devices for malware. Do not enter any credentials or connect wallets on this domain. Report suspicious activity to your wallet provider and consider blacklisting the domain at your network level. Stay cautious of unsolicited links, especially in crypto-related contexts, to prevent credential theft or wallet drain. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence ## Detection Status - VirusTotal: 6 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits Lists: [] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/da7a7bdb-2066-4ab9-8c71-6fa781ed2844 - PhishDestroy: https://phishdestroy.io/domain/casultra.com/ - LLM endpoint: https://phishdestroy.io/domain/casultra.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/casultra.com/ Last updated: 2026-03-26