# lido.drops.su — MALICIOUS

> Avoid lido.drops.su due to high-risk phishing threats. This domain is offline but was flagged for malicious activity. Stay vigilant and do not visit.

## Summary
PhishDestroy identifies lido.drops.su as a high-risk phishing domain designed to deceive users and steal sensitive information. The domain was associated with fraudulent schemes that mimicked legitimate services to gain user trust.

Technical analysis shows lido.drops.su was created on February 21, 2026, and appeared on multiple security blocklists. It was flagged by 13 out of 95 security vendors on VirusTotal, indicating a broad consensus on its malicious intent. The domain was registered through a now-defunct registrar and linked to suspicious infrastructure commonly used in phishing campaigns.

Currently, lido.drops.su is offline and no longer accessible. Users are advised to remain cautious of any residual communications or links related to this domain. It is recommended to update security software regularly and avoid clicking on unknown URLs to prevent exposure to similar phishing threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: lido.drops.su

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 194.58.112.165
- IP Country: RU
- IP City: Moscow
- IP Org: AS197695 "Domain names registrar REG.RU", Ltd
- Nameservers: ["ns1.shop.reg.ru", "ns2.shop.reg.ru"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ChainPatrol", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "Enkrypt"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a07a7-a7c8-772b-a19e-b8b74d073224.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/5f4abee0-c74b-4a27-8094-7beb15587c01
- PhishDestroy: https://phishdestroy.io/domain/lido.drops.su/
- LLM endpoint: https://phishdestroy.io/domain/lido.drops.su/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lido.drops.su/
Last updated: 2026-03-19