# mega-link.cc — SUSPICIOUS

> mega-link.cc is a crypto drainer targeting victims with a credential theft scam. Flagged by 1 of 95 VirusTotal vendors, avoid this domain now.

## Summary
mega-link.cc has been confirmed as an active crypto drainer scam site, currently flagged for credential theft operations. This domain is under active threat status and poses an elevated risk to potential victims engaging with fraudulent cryptocurrency services. Security researchers and threat intelligence platforms have identified this domain as malicious, with confirmed malicious infrastructure and deceptive operational tactics.    PhishDestroy identifies mega-link.cc as a crypto drainer scam, currently resolving to IP address 104.21.60.88. This domain was registered on June 15, 2023 through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal analysis confirms 1 of 95 security vendors flag this domain as malicious, while PhishDestroy alone blocks access. The domain operates with an SSL certificate issued by Google Trust Services, indicating an attempt to establish false legitimacy. The presence of this domain on one security blocklist further corroborates its malicious nature.    This domain should be considered HIGH RISK and avoided at all costs. Users who have accessed mega-link.cc should disconnect from any active sessions, revoke any shared credentials, and scan their devices for potential malware infections. Organizations are advised to block this domain at the network level and alert their security teams. The combination of recent domain registration, low VirusTotal detection rate, and active credential theft operations indicates a sophisticated threat actor leveraging new domains to avoid immediate detection. Immediate action is required to prevent financial loss and credential compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2023-06-15 13:16:57
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.60.88

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b1b27eaa-1caa-4086-bd7e-4fdb9cb31ef6
- PhishDestroy: https://phishdestroy.io/domain/mega-link.cc/
- LLM endpoint: https://phishdestroy.io/domain/mega-link.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mega-link.cc/
Last updated: 2026-03-26