# miguel-nabs.github.io — MALICIOUS

> miguel-nabs.github.io hosts a crypto drainer phishing site mimicking a login page. 11/95 VirusTotal engines flagged this GitHub-hosted domain—verify on.

## Summary
PhishDestroy identifies miguel-nabs.github.io as an active crypto drainer phishing page designed to trick visitors into connecting wallets or entering seed phrases. The site impersonates a legitimate login or wallet interface, prompting users to sign malicious transactions that silently drain funds. This domain was flagged by 11 out of 95 VirusTotal security vendors, indicating a high level of suspicion among the security community.  This domain resolves to IP address 185.199.108.153 and is hosted on GitHub Pages, leveraging a Let’s Encrypt SSL certificate to appear trustworthy. The phishing page was registered via GitHub, Inc., which is commonly abused by threat actors to rapidly deploy malicious content under familiar domains. The combination of GitHub’s infrastructure and a legitimate-looking certificate lowers user suspicion, making this a deceptive and effective attack vector.  If you visited miguel-nabs.github.io, disconnect your wallet immediately and revoke any unauthorized permissions using tools like revoke.cash. Scan your device with updated antivirus software and consider rotating wallet credentials if you entered any sensitive information. Report the domain on PhishDestroy to help others avoid falling victim to this crypto drainer.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4abc0ecb-8279-46df-8204-adfea58c26c3
- PhishDestroy: https://phishdestroy.io/domain/miguel-nabs.github.io/
- LLM endpoint: https://phishdestroy.io/domain/miguel-nabs.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/miguel-nabs.github.io/
Last updated: 2026-03-24