# eplkccounbw.top — MALICIOUS

> eplkccounbw.top identified as credential theft phishing site, 13/95 VirusTotal detections. Block immediately to prevent data compromise.

## Summary
PhishDestroy identifies eplkccounbw.top as an active credential theft phishing domain targeting unsuspecting users. The domain masquerades as a legitimate service to harvest login credentials, posing a direct risk to personal and financial data security. No evidence suggests association with crypto drainer kits or specific brand impersonation at this stage, but the infrastructure is likely repurposed for broader credential harvesting campaigns.


Technical indicators confirm elevated risk: the domain resolves to IP 47.253.178.175 and was registered through Gname.com Pte. Ltd. on July 22, 2025. VirusTotal flags 13 out of 95 security vendors as malicious, indicating partial detection coverage. While no Google Safe Browsing (GSB) status is provided, the domain remains unlisted on major blocklists, suggesting recent emergence. The combination of fresh registration, low detection rates, and newly observed infrastructure heightens exploitation potential.


The domain remains active and unresolved as of this report, with no remediation action observed. Users are strongly advised to block access at network and endpoint levels. Organizations should monitor for inbound and outbound connections to 47.253.178.175 and inspect DNS logs for queries to eplkccounbw.top. Remaining risk is elevated due to active status, low detection coverage, and potential for rapid campaign scaling. Immediate blocking is recommended to mitigate credential theft risk.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-07-22 14:49:17
- Registrar: Gname.com Pte. Ltd.
- IP: 47.253.178.175

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/dda5d4c7-9029-4c7d-93f3-0b4eaa2ecc94
- PhishDestroy: https://phishdestroy.io/domain/eplkccounbw.top/
- LLM endpoint: https://phishdestroy.io/domain/eplkccounbw.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eplkccounbw.top/
Last updated: 2026-03-21