# dis-collab.land — SUSPICIOUS

> Dis-collab.land is a crypto drainer impersonating official collaboration tools. VirusTotal shows 0/95 detections. Avoid downloads and check URLs carefully.

## Summary
PhishDestroy identifies dis-collab.land as a newly registered crypto drainer domain designed to deceive users into connecting crypto wallets or downloading malicious payloads under the guise of collaboration tools. The domain mimics legitimate productivity or developer services to exploit trust in professional workflows. Security researchers assess this domain as actively hostile with low initial detection rates, indicating a potential for rapid escalation as more victims report attacks.

This domain was flagged with exact metrics showing VirusTotal currently scoring 0 detections out of 95 antivirus engines, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 17, 2026, and resolving to IP address 172.67.168.21. The presence of a Let's Encrypt SSL certificate suggests an attempt to appear legitimate despite zero AV coverage, while the recent creation date indicates opportunistic deployment targeting unsuspecting professionals.

Users who have visited this domain should immediately disconnect any connected wallets, revoke any permissions granted to crypto-related domains, and scan their devices using updated antivirus software. Avoid downloading files or entering credentials on this domain. Report this domain to PhishDestroy and local threat intelligence platforms to help build detections for other security teams. Monitor financial accounts closely for unauthorized transactions if wallet connections were made.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-17 23:12:27
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.168.21

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a72d7996-b0a6-42da-8bba-062aa76d05ea
- PhishDestroy: https://phishdestroy.io/domain/dis-collab.land/
- LLM endpoint: https://phishdestroy.io/domain/dis-collab.land/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dis-collab.land/
Last updated: 2026-03-23