# megasb.cc — SUSPICIOUS

> Megasb.cc is a phishing site hosting a generic phishing scam, flagged by 3 of 95 VirusTotal vendors. Avoid this domain to prevent credential theft or malware.

## Summary
PhishDestroy identifies megasb.cc as an active phishing domain designed to impersonate legitimate services and steal user credentials. This domain was registered on May 31, 2022, and is currently hosted on IP 172.67.201.165, which resolves to megasb.cc. Security vendors have flagged it with a low but concerning detection rate of 3 out of 95 analyzers on VirusTotal, indicating it is actively distributing phishing content despite leveraging a Google Trust Services SSL certificate for a veneer of legitimacy. The domain is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar known for hosting a mix of benign and malicious domains, further raising the risk profile of this threat actor’s infrastructure.


This domain poses a clear and present danger to unsuspecting users who may encounter it through phishing emails, malicious ads, or compromised links. The threat type is classified as a generic phishing campaign, meaning it is not tailored to a specific organization but instead casts a wide net to capture credentials from any victim who interacts with it. The use of a valid SSL certificate suggests an attempt to evade browser-based security warnings, while the low detection rate on VirusTotal highlights the challenge of identifying such threats using automated tools alone. The domain’s age (registered May 31, 2022) and the fact that it remains active suggest the threat actor is persistent and may be rotating or reusing infrastructure to avoid takedowns.


If you have visited megasb.cc, immediately change any passwords or credentials you may have entered on the site, as they may have been compromised. Run a full antivirus scan on your device to check for any malware or unauthorized access. Avoid interacting with this domain or any associated links in the future, and report the domain to your IT security team or through official phishing reporting channels. If you entered payment information or sensitive data, contact your financial institution to monitor for fraudulent activity. Stay vigilant for follow-up phishing attempts, as threat actors often use stolen credentials to launch secondary attacks. Always verify the legitimacy of websites by checking for HTTPS certificates, domain spelling, and other security indicators before entering any information.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2022-05-31 11:20:19
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.201.165

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0ff269dc-01d5-48eb-8a85-b2ed0d350e82
- PhishDestroy: https://phishdestroy.io/domain/megasb.cc/
- LLM endpoint: https://phishdestroy.io/domain/megasb.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/megasb.cc/
Last updated: 2026-03-26