# kushys.pages.dev — MALICIOUS

> kushys.pages.dev is a crypto drainer site that impersonates a brand. 7 of 95 VirusTotal vendors flag this phishing page hosted on Cloudflare.

## Summary
PhishDestroy identifies kushys.pages.dev as an active crypto drainer page currently impersonating a popular brand. This domain is part of a broader campaign targeting cryptocurrency holders by luring victims to connect their wallets under false pretenses. The site attempts to trick users into signing malicious transactions that silently drain funds, posing significant financial risk to unaware visitors.  

This domain was flagged by 7 out of 95 VirusTotal security vendors, with Google Safe Browsing classifying it under SOCIAL_ENGINEERING tactics. Registered through Cloudflare, Inc., it uses a Let’s Encrypt SSL certificate and resolves to IP 188.114.97.3. These indicators confirm malicious hosting practices commonly associated with crypto drainer infrastructure. The domain’s structure and behavior are consistent with recently observed campaigns leveraging Cloudflare Pages to deploy phishing kits rapidly.  

If you visited kushys.pages.dev, disconnect your wallet immediately and revoke any unauthorized permissions. Do not interact further with the site. Scan your device with updated antivirus software and consider changing passwords linked to cryptocurrency accounts. Report the domain to PhishDestroy and your browser’s security team to help block future access. Always verify URLs and use official platforms before entering sensitive information.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 7 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/842213a8-ed2a-42d1-ae4f-f28994734257
- PhishDestroy: https://phishdestroy.io/domain/kushys.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/kushys.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kushys.pages.dev/
Last updated: 2026-04-01