# hk.whtsapp.top — MALICIOUS

> PhishDestroy warns against hk.whtsapp.top, a crypto drainer impersonating WhatsApp. 16/95 security vendors flag this active domain.

## Summary
PhishDestroy identifies hk.whtsapp.top as an active crypto drainer domain impersonating WhatsApp, specifically designed to deceive users into connecting malicious cryptocurrency wallets. The domain leverages a spoofed interface to mimic legitimate WhatsApp services, tricking victims into authorizing unauthorized crypto transactions. Technical analysis indicates the use of a generic drainer kit, commonly distributed through phishing links and fraudulent advertisements.  This domain resolves to IP address 47.82.156.75 and was registered on April 02, 2026 through Gname.com Pte. Ltd., a registrar known for accommodating high-risk domains. The domain holds a valid Let's Encrypt SSL certificate, increasing its deceptive authenticity. According to VirusTotal, 16 out of 95 security vendors flag this domain, indicating a significant but not universal detection rate. While this domain has not yet been flagged by Google Safe Browsing (GSB), its recent creation and low blocklist count suggest it remains in early operational stages.  As of current analysis, hk.whtsapp.top remains active with an elevated risk level. PhishDestroy has flagged this domain for immediate user awareness and recommends avoidance of all associated links. Users are advised to verify URLs through PhishDestroy's threat intelligence platform before engaging with any WhatsApp-related services. While risk mitigation efforts are underway, the domain's recent registration and partial detection rate present an ongoing threat to unsuspecting users.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 13:40:38
- Registrar: Gname.com Pte. Ltd.
- IP: 47.82.156.75

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/hk.whtsapp.top
- PhishDestroy: https://phishdestroy.io/domain/hk.whtsapp.top/
- LLM endpoint: https://phishdestroy.io/domain/hk.whtsapp.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hk.whtsapp.top/
Last updated: 2026-04-09