# drop-brevis.network — MALICIOUS — Crypto Drainer (Wallet Connect Abuse)

> Avoid drop-brevis.network, a high-risk crypto drainer domain now offline. Do not engage with Brevis Airdrop offers or Wallet Connect prompts.

## Summary
PhishDestroy identifies drop-brevis.network as a high-risk crypto drainer domain targeting users with fake airdrop incentives. The domain was designed to steal cryptocurrency via Wallet Connect abuse.

This domain resolved to IP 172.67.214.213 and was registered through PublicDomainRegistry.com on 2026-01-03. It was flagged by multiple security vendors, appeared on several blocklists, and was linked to a Wallet Connect drainer kit. Currently, the domain is offline.

Users should avoid interacting with Brevis Airdrop campaigns and never approve wallet connections from untrusted sources. Employ domain and IP blocklists, and monitor for Wallet Connect abuse to mitigate similar threats.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Wallet Connect Abuse)
- Site status: dead (HTTP 403)
- Drainer type: Wallet Connect Abuse
- Scam type: Airdrop Scam
- Kit: Airdrop Scam
- Page title: Brevis Airdrop

## Domain Intelligence
- Registered: 2026-01-03 00:00:00
- Expires: 2027-01-03 00:00:00
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 172.67.214.213
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: troy.ns.cloudflare.com zita.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "Bfore.Ai PreCrime", "CRDF", "CyRadar", "Ermes", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Lionic", "SOCRadar", "Sophos", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 5 hits
  Lists: ["PhishDestroy", "ScamSniffer", "Polkadot", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b86e6-ec0f-766e-815d-96a2dd3373ce.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7c9bcffb-853f-484c-90de-787d3e0fb4fb
- Wayback Machine: https://web.archive.org/web/https://drop-brevis.network
- PhishDestroy: https://phishdestroy.io/domain/drop-brevis.network/
- LLM endpoint: https://phishdestroy.io/domain/drop-brevis.network/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/drop-brevis.network/
Last updated: 2026-03-19