# gramfi-articles.pages.dev — SUSPICIOUS > PhishDestroy warns that gramfi-articles.pages.dev is an ACTIVE crypto drainer impersonating GramFi. Verify this link before interacting; VirusTotal flags 1/95. ## Summary PhishDestroy identifies gramfi-articles.pages.dev as a high-risk crypto drainer campaign active as of the latest scan. This malicious page mimics GramFi’s legitimate multi-chain swap interface to deceive users into connecting wallets and authorizing fraudulent token approvals. The domain leverages Cloudflare’s infrastructure to obfuscate its origin and employs a Google Trust Services SSL certificate to appear legitimate, increasing the likelihood of credential or asset theft. All available threat intelligence corroborates the malicious nature of this domain. VirusTotal detection stands at 1/95 security vendors as of the last update. The domain resolves to IP 172.66.47.98 and is registered through Cloudflare, Inc. While the full creation date is not disclosed, the active status and persistence of the campaign suggest ongoing malicious operations. The page title, "GramFi — Simple Multi-Chain Swaps With Community Rewards," directly impersonates the legitimate GramFi brand to lure unsuspecting cryptocurrency users. Despite the HTTPS certificate issued by Google Trust Services, the domain remains untrusted by the majority of security platforms, underscoring the sophistication of the evasion tactics. Users must immediately avoid interacting with gramfi-articles.pages.dev or any linked cryptocurrency interfaces. To prevent exposure to this crypto drainer, verify URLs using PhishDestroy’s real-time scanning tools before entering wallet credentials or approving transactions. Additionally, revoke any unauthorized wallet connections via reputable blockchain explorers or wallet interfaces such as Etherscan or MetaMask’s connected sites menu. Always cross-check domain names against official sources and use hardware wallets for high-value transactions to mitigate risks associated with fraudulent web interfaces. Report this domain immediately to PhishDestroy for further investigation. ## Threat Details - Verdict: SUSPICIOUS - Site status: alive (HTTP ?) - Page title: GramFi — Simple Multi-Chain Swaps With Community Rewards ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.98 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/1d5c9e8f-1790-4557-808b-df4065353d67 - PhishDestroy: https://phishdestroy.io/domain/gramfi-articles.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/gramfi-articles.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gramfi-articles.pages.dev/ Last updated: 2026-04-12