# humblesteam.app — SUSPICIOUS

> humblesteam.app is a crypto drainer posing as Humble Bundle. VirusTotal flags 1/95 vendors. Avoid transactions immediately.

## Summary
PhishDestroy identifies humblesteam.app as an elevated-risk crypto drainer domain designed to steal cryptocurrency assets under false pretenses. The site impersonates the legitimate Humble Bundle platform, a popular digital storefront for games and software, to deceive users into connecting wallets or making payments under fraudulent claims. Detection engines classify this as an active crypto drainer, prioritizing it for immediate intervention due to the high financial impact potential to victims.  This domain was flagged by PhishDestroy with a confirmed risk level of elevated and active status. Intelligence shows it resolves to IP 188.114.97.3 and was registered on March 03, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. A Let's Encrypt SSL certificate is in use, and VirusTotal reports detection by 1 out of 95 security vendors. Given the youth of the domain (created March 2026) and the use of a legitimate-looking certificate, it poses a credible threat to crypto users seeking Humble Bundle services or promotions. The low detection rate on VT suggests it may be newly active or employing evasion techniques.  Mitigation for this crypto drainer threat is urgent. Users should avoid accessing humblesteam.app entirely. If already visited, disconnect all crypto wallets from browser sessions and scan devices for malware. Report the domain to Humble Bundle support and relevant crypto platforms (e.g., Ledger, MetaMask) for takedown and alerting. Block the domain via hosts file or network firewall using IP 188.114.97.3 and domain hash 5d7cd1. Always verify URLs manually and use bookmarks for official sites like humblebundle.com.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-03 16:37:52
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c296ba89-8434-485b-8894-09a008b48459
- PhishDestroy: https://phishdestroy.io/domain/humblesteam.app/
- LLM endpoint: https://phishdestroy.io/domain/humblesteam.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/humblesteam.app/
Last updated: 2026-03-26