# drop.bond — SUSPICIOUS

> PhishDestroy identifies drop.bond as a crypto drainer phishing site. VT score 0/95, IP 64.190.63.222, registered Nov 2020. Verify before clicking!

## Summary
PhishDestroy identifies drop.bond as a crypto drainer domain actively distributing malicious scripts designed to siphon cryptocurrency from unsuspecting users. The domain does not impersonate a specific brand but instead leverages a generic 'drop' branding to obscure its true intent. This threat type is classified as a crypto drainer kit, which typically injects malicious JavaScript into web pages to monitor and intercept cryptocurrency transactions or wallet connections.  

This domain resolves to IP address 64.190.63.222 and was registered through Dominet (HK) Limited on November 15, 2020. VirusTotal currently shows 0/95 detections for drop.bond, indicating it remains under the radar of major antivirus engines. The domain holds a valid SSL certificate issued by DigiCert Inc, which may contribute to its ability to bypass basic security checks. As of now, drop.bond does not appear on Google Safe Browsing (GSB) blocklists, and no public blocklist counts are available.  

The domain is currently active and remains under investigation by PhishDestroy. Users are strongly advised to avoid interacting with drop.bond or any associated links. The risk level is marked as 'under_investigation,' suggesting further analysis is required to confirm the full scope of its operations. While no immediate action has been taken to block the domain, PhishDestroy recommends verifying any suspicious domains through its platform before proceeding. The remaining risk is considered elevated due to the domain's low detection rate and active status.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2020-11-15 15:48:04
- Registrar: Dominet (HK) Limited
- IP: 64.190.63.222

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8c253fcb-02a7-4b11-8372-8ec8de0242b2
- PhishDestroy: https://phishdestroy.io/domain/drop.bond/
- LLM endpoint: https://phishdestroy.io/domain/drop.bond/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/drop.bond/
Last updated: 2026-03-22