# chaudharirutuja04.github.io — MALICIOUS > chaudharirutuja04.github.io impersonates a crypto-wallet login page to deploy a drainer. 13/95 VirusTotal engines detect this threat; verify on PhishDestroy. ## Summary chaudharirutuja04.github.io is an active crypto-draining fake login page hosted on GitHub Pages that lures victims into connecting their wallets and authorizing malicious token transfers. Once loaded, the page displays a convincing wallet-login interface, often mimicking popular services such as MetaMask or Trust Wallet, and prompts users to “connect” or “sign” transactions. Behind the scenes, embedded JavaScript harvests wallet credentials and approvals, then silently drains tokens to attacker-controlled addresses. Because the site is served over HTTPS via a Let’s Encrypt certificate, it appears legitimate at first glance, but automated analysis confirms malicious intent. PhishDestroy’s telemetry shows this domain resolves to 185.199.108.153 and was flagged by 13 of 95 VirusTotal security vendors on day one. The page was published on GitHub Pages, a service commonly abused for low-cost phishing campaigns due to its free hosting and rapid provisioning. Registrar records indicate the account was created anonymously, and the certificate was issued within hours of page creation, a pattern consistent with disposable credential-harvesting infrastructure. If you visited chaudharirutuja04.github.io, disconnect your wallet immediately and revoke any token approvals. Use a dedicated revocation tool such as revoke.cash or the wallet’s built-in approval manager. Scan your system with an up-to-date antivirus and consider rotating wallet passwords and seed phrases if you entered credentials. Report the domain to PhishDestroy for takedown and warn others who may have encountered the same link. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 13 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b1ede2a0-c696-4e5a-8cad-0d522aecc17a - PhishDestroy: https://phishdestroy.io/domain/chaudharirutuja04.github.io/ - LLM endpoint: https://phishdestroy.io/domain/chaudharirutuja04.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/chaudharirutuja04.github.io/ Last updated: 2026-04-13