# cryptocomnilogin.webflow.io — MALICIOUS

> cryptocomnilogin.webflow.io used for credential phishing targeting Crypto.com users. Stay alert and avoid entering sensitive info. Check domain safety now.

## Summary
PhishDestroy has identified cryptocomnilogin.webflow.io as a credential phishing domain masquerading as a Crypto.com login portal. The deceptive page title "Crypto.com Login | DeFi Desktop Wallet" was designed to trick users into divulging their login credentials, placing this threat in the high-risk category. The domain exploits the trust associated with Crypto.com's brand to lure victims into submitting sensitive information.

Technical indicators reveal that the domain was registered recently on March 12, 2026, and was hosted on the Webflow platform, a common choice for quick phishing set-ups due to its ease of use. VirusTotal analysis flagged this domain by 18 out of 95 security vendors, confirming its malicious intent. Additionally, cryptocomnilogin.webflow.io appears on at least one security blocklist, further validating its status as a dangerous phishing site.

Currently, the domain is offline, indicating that takedown efforts have been successful or the attacker abandoned the site. PhishDestroy recommends continued monitoring for potential spin-off domains or related phishing campaigns leveraging similar branding. Users should remain vigilant against suspicious links impersonating Crypto.com and verify domain legitimacy before entering any credentials.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Target brand: Crypto.com
- Page title: Crypto.com Login | DeFi Desktop Wallet

## Domain Intelligence
- Registered: 2026-03-12 13:07:01
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "Chong Lua Dao", "CyRadar", "DNS8", "ESET", "Emsisoft", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "LevelBlue", "Lionic", "Netcraft", "OpenPhish", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce544-97d6-76db-a12f-4e92689fa99b.png
- PhishDestroy: https://phishdestroy.io/domain/cryptocomnilogin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/cryptocomnilogin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cryptocomnilogin.webflow.io/
Last updated: 2026-03-19