# icloudnet.info — SUSPICIOUS

> PhishDestroy identifies icloudnet.info as a brand impersonation threat, flagged by 3 of 95 VirusTotal vendors while impersonating Apple.

## Summary
PhishDestroy identifies icloudnet.info as an active brand impersonation domain targeting Apple, currently in operation with elevated risk. This site mimics Apple’s iCloud branding to deceive users into entering credentials or installing malicious software under the guise of legitimate service authentication. The domain’s fraudulent nature is corroborated by multiple threat intelligence sources, necessitating immediate intervention to prevent potential account takeovers or data exposure.  This domain was flagged by 3 of 95 VirusTotal security vendors, indicating limited but present detection by industry-standard tools. Registered through Gransy, s.r.o., the domain resolves to IP address 31.148.99.121 and was created on February 24, 2026. The domain employs a Let’s Encrypt SSL certificate to enhance its appearance of legitimacy, a common tactic among fraudulent sites to bypass browser warnings. Current trust scores are critically low due to its recent registration and deceptive branding, with no established reputation in reputable domain databases. The combination of a newly minted domain, low VT detection, and high-risk impersonation activities places this domain in the elevated threat category, warranting proactive blocking measures.  PhishDestroy recommends immediate action to mitigate risk associated with icloudnet.info. Organizations and users should block the domain at the DNS or firewall level using exact string matching (e.g., 'icloudnet.info'). Additionally, endpoint protection platforms should be updated to include this domain in threat feeds, and security teams should investigate any attempted access to this domain from internal networks. End users should be notified of this threat via security awareness training, emphasizing the importance of verifying domain URLs before entering credentials or downloading files. Continuous monitoring of this domain for new subdomains or infrastructure changes is advised, as threat actors frequently rotate hosting environments to evade detection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Apple

## Domain Intelligence
- Registered: 2026-02-24 18:29:02
- Registrar: Gransy, s.r.o.
- IP: 31.148.99.121

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/281fb0ce-824c-40bf-983b-a6d0c0ac6426
- PhishDestroy: https://phishdestroy.io/domain/icloudnet.info/
- LLM endpoint: https://phishdestroy.io/domain/icloudnet.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/icloudnet.info/
Last updated: 2026-03-29