# cryptoairdrops.icu — SUSPICIOUS > Stay safe from the active crypto drainer at cryptoairdrops.icu. Avoid this site and never share private keys or passwords online. ## Summary PhishDestroy identifies cryptoairdrops.icu as an active phishing domain designed to steal cryptocurrency by draining victims’ wallets. Users who visit this site risk losing their digital assets because the domain is linked to crypto drainer activity, a type of scam that silently captures sensitive wallet credentials and private keys. This threat poses a medium risk but remains active and dangerous. The phishing operation behind cryptoairdrops.icu typically entices victims with fake crypto airdrop offers that seem legitimate. Once a user interacts, the site prompts them to enter private wallet information or approve malicious transactions, enabling attackers to drain their funds without consent. The domain resolves to IP 172.67.210.186 and was created recently, in February 2026. It is flagged on two security blocklists and detected by some security vendors, highlighting its ongoing malicious use. If you have visited cryptoairdrops.icu, do not share any wallet credentials or private keys and immediately check your crypto accounts for unauthorized activity. Disconnect your wallet from the site and consider moving assets to a new wallet with fresh security. Running a malware scan and updating security measures is also advised. Avoid accessing suspicious domains like cryptoairdrops.icu to protect your crypto assets from theft. ## Threat Details - Verdict: SUSPICIOUS - Site status: alive (HTTP 530) - Scam type: Airdrop Scam - Page title: Just a moment... ## Domain Intelligence - Registered: 2026-02-21 07:01:08 - IP: 172.67.210.186 - SSL Issuer: WE1 ## Detection Status - VirusTotal: 3 vendors flagged Vendors: ["alphaMountain.ai", "CRDF", "Forcepoint ThreatSeeker"] - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["PhishDestroy", "ScamSniffer"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019929ab-8a25-755c-8f9a-c77ff3240f98.png - PhishDestroy: https://phishdestroy.io/domain/cryptoairdrops.icu/ - LLM endpoint: https://phishdestroy.io/domain/cryptoairdrops.icu/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/cryptoairdrops.icu/ Last updated: 2026-03-19