# idapple-br.com — MALICIOUS

> idapple-br.com is a confirmed Apple brand impersonation phishing site posing as a credential theft portal.

## Summary

PhishDestroy identifies idapple-br.com as an active phishing domain impersonating Apple to harvest user credentials. The site leverages Apple’s brand recognition to trick victims into entering login details, likely for subsequent account compromise or fraudulent transactions. No crypto-drainer kit signatures were detected in sandbox analysis, indicating a focus on credential theft rather than cryptocurrency theft.

idapple-br.com exhibits clear malicious indicators, including a VirusTotal detection rate of 20/95 security vendors, a Let’s Encrypt SSL certificate, and association with IP address 172.67.206.205. The domain was registered on August 26, 2025, through Gransy, s.r.o., and is currently blocked by three major blocklists: OpenPhish, PhishingArmy, and OISD. Google Safe Browsing (GSB) has flagged this domain as unsafe, reinforcing its malicious classification.

This domain remains active and poses a high risk to any user attempting to access it. Immediate action is required from security teams and end-users: block the domain at the network perimeter, update firewall rules to deny traffic to 172.67.206.205, and warn users against visiting idapple-br.com. While the domain’s recent creation suggests a short-lived campaign, the presence of multiple blocklist entries and high VT detection underscores its aggressive threat profile. Remaining risk is elevated due to active propagation and the use of a legitimate-looking Apple-branded lure.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2025-08-26 12:57:02
- Registrar: Gransy, s.r.o.
- IP: 172.67.206.205

## Detection Status

- VirusTotal: 20 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 3 hits
  - Lists: ["OpenPhish", "PhishingArmy", "OISD"]

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/idapple-br.com
- PhishDestroy: https://phishdestroy.io/domain/idapple-br.com/
- LLM endpoint: https://phishdestroy.io/domain/idapple-br.com/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/idapple-br.com/

Last updated: 2026-04-08