# infernolukso.pages.dev — MALICIOUS — Crypto Drainer (Inferno Drainer)

> infernolukso.pages.dev is a high-risk crypto drainer deploying the Inferno Drainer kit. This domain currently evades detection with 0/95 VirusTotal scores.

## Summary
PhishDestroy identifies infernolukso.pages.dev as an active crypto drainer distributing the Inferno Drainer kit to steal cryptocurrency assets. The domain masquerades under Cloudflare’s Pages.dev infrastructure, leveraging Google Trust Services SSL certificates to enhance legitimacy. This threat specifically targets users within the cryptocurrency ecosystem, aiming to drain wallets by tricking victims into connecting their digital assets under the guise of legitimate transactions or services.  

This domain resolves to IP address 188.114.97.3 and is registered through Cloudflare, Inc. The Inferno Drainer kit is confirmed to be operational on this infrastructure, with VirusTotal currently reporting 0 detections out of 95 scanners. The domain’s SSL certificate is issued by Google Trust Services, which may contribute to its ability to bypass initial scrutiny. While the exact creation date is not disclosed in available intelligence, this domain represents a high-risk threat given its active deployment of cryptocurrency-focused malware. The lack of detections despite its known malicious activity underscores the evolving sophistication of crypto drainers.  

As of the latest assessment, infernolukso.pages.dev remains active and poses a high risk to users who may encounter it through deceptive links or spoofed platforms. Immediate actions include blocking the domain at the network level, updating threat intelligence feeds to include this domain with seed bc8c2a, and warning cryptocurrency users to avoid unsolicited transactions or wallet connections. The remaining risk is elevated due to the domain’s evasion of detection mechanisms and its targeted attack vector. Security teams are advised to monitor for related infrastructure and update blocklists proactively to mitigate exposure.

## Threat Details
- Verdict: MALICIOUS — Crypto Drainer (Inferno Drainer)
- Site status: unknown (HTTP ?)
- Drainer type: Inferno Drainer

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/682cb262-2c07-4ee0-b6d3-7ee1eb980d1f
- PhishDestroy: https://phishdestroy.io/domain/infernolukso.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/infernolukso.pages.dev/llm.txt

## If You Visited This Site
1. Revoke all token approvals immediately (revoke.cash / unrekt.net)
2. Move remaining funds to a new wallet
3. Do not interact with any transactions from this site
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/infernolukso.pages.dev/
Last updated: 2026-03-28