# maskairdrop.cc — MALICIOUS

> Discover the risks linked to maskairdrop.cc, a high-risk crypto drainer domain now offline. Stay informed to protect your crypto assets.

## Summary
PhishDestroy identifies maskairdrop.cc as a high-risk domain associated with crypto drainer activities. This domain was utilized in phishing campaigns targeting cryptocurrency users, aiming to steal funds by deploying malicious scripts or fake airdrop schemes. The threat posed by this domain was significant due to its sophisticated social engineering tactics designed to lure victims into compromising their wallets.

The domain maskairdrop.cc was registered on February 21, 2026, but has since been taken offline. Intelligence reveals it was flagged by multiple security vendors and appeared on several security blocklists, signifying widespread recognition of its malicious intent. The domain registration is now marked as dead, indicating it is no longer active or accessible, effectively disrupting ongoing threat operations.

Currently, maskairdrop.cc remains offline and is no longer operational. Users are recommended to avoid any interaction with this domain or related URLs. It is critical for cryptocurrency holders to maintain vigilance, use trusted platforms for transactions, and employ updated security tools to guard against similar phishing threats. Continued monitoring of related infrastructure is advised to detect potential re-emergence or related campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Target brand: MetaMask
- Page title: MetaMask: The Leading Crypto Wallet Platform, Blockchain Wallet

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 172.67.210.131
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Seclookup", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 5 hits
  Lists: ["PhishDestroy", "MetaMask", "Polkadot", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199856e-89f1-7310-96de-a948280f684e.png
- PhishDestroy: https://phishdestroy.io/domain/maskairdrop.cc/
- LLM endpoint: https://phishdestroy.io/domain/maskairdrop.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/maskairdrop.cc/
Last updated: 2026-03-19