# m--sso--bitmrt--ca.webflow.io — MALICIOUS

> m--sso--bitmrt--ca.webflow.io is a high-risk phishing domain mimicking BitMart login. Avoid this site and verify URL safety now.

## Summary
PhishDestroy has identified m--sso--bitmrt--ca.webflow.io as an active phishing domain targeting BitMart users. Classified under generic phishing, this domain attempts to deceive victims by impersonating the official BitMart login page, as indicated by its page title "Log in to your BitMart® account | BitMart® Exchange." The domain’s suspicious naming convention and use of a subdomain structure are typical tactics to confuse users and bypass casual detection.

Technically, the domain was registered recently on March 12, 2026, which is a common trait among phishing websites that often have short lifespans. It currently appears on one security blocklist, reinforcing its malicious intent. VirusTotal analysis reveals that 19 out of 95 security vendors flag this domain, confirming its association with phishing activity. These indicators, combined with the domain’s infrastructure hosted on Webflow, are leveraged to create credible-looking pages designed to harvest credentials.

The phishing site remains active and poses a significant threat to anyone attempting to access BitMart services via this URL. Users are strongly advised to avoid entering any login information on this domain. PhishDestroy recommends verifying URLs carefully and consulting trusted sources before submitting credentials. Ongoing monitoring and blocking of this domain are critical to protect the community from credential theft and related fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Log in to your BitMart® account | BitMart® Exchange

## Domain Intelligence
- Registered: 2026-03-12 13:07:01
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "LevelBlue", "Lionic", "MalwareURL", "Netcraft", "OpenPhish", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce14d-475a-7590-ba93-fdf6a591db47.png
- PhishDestroy: https://phishdestroy.io/domain/m--sso--bitmrt--ca.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/m--sso--bitmrt--ca.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/m--sso--bitmrt--ca.webflow.io/
Last updated: 2026-03-19