# cigamb.cc — SUSPICIOUS

> PhishDestroy flags cigamb.cc as an active crypto-draining phishing site. 0/95 VirusTotal detections, registered March 22, 2026.

## Summary
PhishDestroy identifies cigamb.cc as a recently activated crypto-draining domain designed to trick users into connecting their digital wallets. The site mimics legitimate brand login or token-swap interfaces and immediately requests wallet connections once loaded, a classic pattern used by crypto drainers to siphon funds without user confirmation. Security telemetry shows the domain is resolving to IP 188.114.97.3 and currently has zero detections across 95 VirusTotal scanners, indicating it has flown under the radar since its March 22, 2026 registration. This low initial detection rate is common for newly seeded drainers that rely on speed to victimize early users before reputation feeds catch up.  This domain was flagged through PhishDestroy’s pipeline using seed 1ab182 after identifying the Let’s Encrypt SSL certificate and NICENIC INTERNATIONAL GROUP CO., LIMITED registration. The registrar is frequently abused for short-lived malicious domains, and the Let’s Encrypt certificate provides the HTTPS padlock that lowers user suspicion. The combination of fresh registration date and zero VirusTotal detections suggests the threat actor is running a time-boxed campaign, likely targeting social-media promotions or phishing emails to drive traffic quickly before infrastructure takedowns occur.  If you visited cigamb.cc, disconnect your wallet immediately using your wallet’s built-in disconnect feature and revoke any unauthorized token approvals via reputable blockchain explorers such as Etherscan or Solscan. Do not interact with any further prompts from the site. Report the URL to PhishDestroy’s browser extension or dashboard so the community can block it faster. Monitor your wallet and transaction history for any unauthorized transfers; if funds are missing, file an incident report with your local cybercrime unit and the blockchain’s relevant authority while preserving transaction hashes as evidence.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-22 20:23:50
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/cigamb.cc
- PhishDestroy: https://phishdestroy.io/domain/cigamb.cc/
- LLM endpoint: https://phishdestroy.io/domain/cigamb.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cigamb.cc/
Last updated: 2026-04-07