# claim.cashapples.lat — SUSPICIOUS

> Explore the risks of claim.cashapples.lat, a suspicious crypto drainer domain under active investigation. Stay informed and protect your assets.

## Summary
PhishDestroy identifies claim.cashapples.lat as an active threat domain associated with crypto drainer activities. Though the domain’s malicious intent is still under investigation, its registration and infrastructure indicate potential risk to users dealing with cryptocurrencies. The page title “Just a moment...” hints at possible social engineering tactics designed to deceive victims into compromising their crypto wallets.

The domain resolves to IP address 188.114.97.3 and was registered through PDR Ltd. d/b/a PublicDomainRegistry.com on March 08, 2026. Despite being relatively new, it has not triggered any detections on VirusTotal, showing 0 out of 95 security vendors flagging it as malicious. This lack of detection may be due to its recent creation or evolving attack methods. The domain’s registration via a known registrar and its current activity status warrant close monitoring.

Currently, claim.cashapples.lat is flagged as under investigation but remains active. PhishDestroy advises caution and recommends users avoid interacting with this domain, especially avoiding submitting any sensitive or cryptocurrency-related information. Security professionals should monitor threat intelligence feeds for updates, and users should employ robust endpoint protection and multi-factor authentication to mitigate potential risks from emerging crypto drainer campaigns linked to this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Target brand: Apple
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-03-09 13:07:02
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: amos.ns.cloudflare.com maya.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd29b-16fc-770b-9f90-9f9e7d0969e6.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/9cd7fb7a-c140-4b11-9293-388ddf69acdd
- PhishDestroy: https://phishdestroy.io/domain/claim.cashapples.lat/
- LLM endpoint: https://phishdestroy.io/domain/claim.cashapples.lat/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claim.cashapples.lat/
Last updated: 2026-03-19