# crabfuns.xyz — SUSPICIOUS

> PhishDestroy identifies crabfuns.xyz as a credential-harvesting phishing site. Created April 03, 2026, it currently shows 0/95 VirusTotal detections.

## Summary
A newly activated domain, crabfuns.xyz, is actively luring visitors with promises of a fun ‘crab game’ while secretly stealing usernames and passwords. This site mimics a gaming login portal to trick players into entering their real account details, which are then harvested by attackers for account takeovers or sold on underground markets. Never log in through pop-up links or unfamiliar pages, even if they look playful.


PhishDestroy’s investigation reveals this threat is still under the radar: VirusTotal shows 0 detections out of 95 scans, the domain was registered on April 03, 2026, and is hosted on IP 172.67.189.93 via NICENIC INTERNATIONAL GROUP CO., LIMITED. The site even uses a legitimate Let’s Encrypt SSL certificate, adding false trustworthiness. Such low detection rates often indicate fresh phishing infrastructure designed to evade early-stage filters before victims are targeted.


If you visited crabfuns.xyz or entered any login details, immediately change passwords on that site and any other account using the same credentials. Enable two-factor authentication where possible and run a full antivirus scan. Report the domain to your IT team or security provider using the unique seed cd1bbf for tracking. Avoid clicking similar links in messages or social media, and always visit official websites by typing the address yourself.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-03 19:14:17
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.189.93

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/crabfuns.xyz
- PhishDestroy: https://phishdestroy.io/domain/crabfuns.xyz/
- LLM endpoint: https://phishdestroy.io/domain/crabfuns.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/crabfuns.xyz/
Last updated: 2026-04-04