# kashyprod.info — SUSPICIOUS

> kashyprod.info is a crypto-drainer site with 0/95 VirusTotal detections. Move assets off exchanges and blacklist IPs before theft occurs.

## Summary
Forensic analysis by PhishDestroy identifies kashyprod.info as a live crypto-drainer that masquerades as a Kaspa mining pool frontend.  

Technical indicators reveal an early-stage scam: VirusTotal shows 0/95 antivirus engines currently flagging the payload, registrar is NICENIC INTERNATIONAL GROUP CO., LIMITED, the domain resolves to IP 188.114.97.3 (Cloudflare ASN 13335), domain creation date is March 21 2026, Google Safe Browsing returns a clean status, and current aggregate blocklist count is zero.  

Status is active and under continuous monitoring. The site remains on standby pending a wallet-generation trigger; risk to end-users is elevated because the drainer kit is fully operational and undetected. Immediate countermeasures include blacklisting 188.114.97.3 at network edge, blocking AS13335 inbound connections to wallet endpoints, and alerting Kaspa community channels. Remaining risk is critical until widespread detection coverage is achieved.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-21 16:58:40
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6a8d6337-0721-4131-899a-33fdbb60300d
- PhishDestroy: https://phishdestroy.io/domain/kashyprod.info/
- LLM endpoint: https://phishdestroy.io/domain/kashyprod.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kashyprod.info/
Last updated: 2026-03-23