# kunalcodes447.github.io — MALICIOUS > kunalcodes447.github.io is a crypto drainer impersonating GitHub Pages. Flagged by 11/95 VirusTotal vendors. Avoid interaction and report immediately. ## Summary PhishDestroy identifies kunalcodes447.github.io as an active crypto drainer domain masquerading as a legitimate GitHub Pages site. This domain leverages GitHub’s trusted infrastructure to deceive users into connecting cryptocurrency wallets under the false impression they are accessing a safe, developer-hosted resource. The attackers exploit GitHub’s free hosting to distribute malicious scripts that silently drain funds once wallet connections are approved. This tactic is particularly dangerous because the domain itself is hosted on GitHub’s infrastructure, making it harder for users to spot the deception through domain inspection alone. This domain was flagged by 11 out of 95 security vendors on VirusTotal, indicating a significant but not universal detection rate. It was registered through GitHub, Inc., which confirms its origin as a GitHub Pages site, and resolves to the IP address 185.199.108.153. The SSL certificate, issued by Let’s Encrypt, adds another layer of legitimacy, further masking its malicious intent. These technical indicators suggest the threat actors are leveraging reputable services to enhance the credibility of their phishing campaign. If you visited kunalcodes447.github.io, disconnect any connected cryptocurrency wallets immediately and revoke any unauthorized permissions. Do not interact with the site further, as the crypto drainer may have already initiated unauthorized transactions. Report the domain to your organization’s security team and submit it to threat intelligence platforms like VirusTotal for further analysis. Educate your team about the risks of wallet connections on unfamiliar sites, and consider implementing wallet connection policies to prevent unauthorized access. Stay vigilant for unusual transaction activity and report any suspicious behavior to your financial institution. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 11 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a80607db-83e7-4e7e-96e3-365dc2ff0b01 - PhishDestroy: https://phishdestroy.io/domain/kunalcodes447.github.io/ - LLM endpoint: https://phishdestroy.io/domain/kunalcodes447.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kunalcodes447.github.io/ Last updated: 2026-03-30