# gain-aave.com — MALICIOUS

> gain-aave.com is a high-risk phishing site impersonating Aave. Stay alert and avoid sharing personal info. Learn more on PhishDestroy.

## Summary
PhishDestroy identifies gain-aave.com as a high-risk generic phishing domain designed to impersonate the legitimate Aave platform, a well-known decentralized finance protocol. This type of threat is critical because phishing sites aim to deceive users into divulging sensitive information such as login credentials or private keys, potentially leading to financial loss or identity theft. Users seeking to interact with Aave services must remain cautious of such fraudulent domains to protect their digital assets.

The infrastructure behind gain-aave.com exhibits typical phishing characteristics: it was registered recently through NiceNIC International Group Co., Limited, a registrar sometimes associated with abusive registrations. The domain appeared on at least one security blocklist and was flagged by 12 out of 95 security vendors on VirusTotal, indicating a substantial suspicion level. It resolved to the IP address 104.18.20.145 and has since been taken offline, reducing immediate risk but warranting ongoing vigilance as attackers frequently cycle domains.

Users should avoid visiting gain-aave.com or providing any personal or financial information to this site. When accessing Aave or any other financial service, always verify the domain carefully and consider using bookmarks or official links. Employing security tools that flag phishing attempts and staying informed through services like PhishDestroy can further mitigate risk. In case of accidental interaction, users are advised to monitor their accounts for suspicious activity and update their credentials promptly.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Aave

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.18.20.145
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ariadne.ns.cloudflare.com", "nolan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Seclookup", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198f41e-09c1-7753-8439-7364dbeea47d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/30ded0ec-ae2b-4d47-ac3e-71d01e913ae5
- PhishDestroy: https://phishdestroy.io/domain/gain-aave.com/
- LLM endpoint: https://phishdestroy.io/domain/gain-aave.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gain-aave.com/
Last updated: 2026-03-19