# exiodhun.gitbook.io — MALICIOUS

> exiodhun.gitbook.io is a crypto drainer phishing site flagged by 19 of 95 VirusTotal vendors. Avoid this domain to prevent asset theft.

## Summary
PhishDestroy identifies exiodhun.gitbook.io as an active crypto drainer domain currently distributing malicious payloads. The site masquerades as a legitimate GitBook instance while surreptitiously draining cryptocurrency assets from unwitting users. This domain has been confirmed as a high-effort threat with active distribution of drainer scripts.  exiodhun.gitbook.io was flagged by 19 of 95 VirusTotal security vendors and appears on one security blocklist maintained by OISD. The domain resolves to IP address 104.18.40.47 and was created on March 30, 2014. This domain operates under SSL certification from Google Trust Services and is registered through Cloudflare, Inc. The combination of longevity (2014 creation date) and current malicious activity represents significant threat potential as threat actors often repurpose long-standing domains to bypass traditional detection mechanisms.  This domain remains active and continues to pose elevated risk to users engaging with its content. Immediate action is required: users should avoid visiting exiodhun.gitbook.io entirely. Organizations are advised to implement network-level blocking via DNS filtering or firewall rules targeting the IP address 104.18.40.47. Security teams should monitor internal endpoints for any indicators of compromise related to this domain, including connections to the specified IP address or SSL certificates issued by Google Trust Services associated with this domain.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2014-03-30 06:09:09
- Registrar: Cloudflare, Inc
- IP: 104.18.40.47

## Detection Status
- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a75abfe4-fdbb-42ed-8160-fb9641386493
- PhishDestroy: https://phishdestroy.io/domain/exiodhun.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/exiodhun.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/exiodhun.gitbook.io/
Last updated: 2026-03-30