# minecraftapk.onl — SUSPICIOUS > minecraftapk.onl distributes malicious APK files posing as Minecraft mods. This domain was created on February 02, 2026, and remains undetected on VirusTotal. ## Summary PhishDestroy identifies minecraftapk.onl as an active APK trojan distribution site masquerading as a Minecraft mod repository. This domain specifically targets users seeking unauthorized modifications for Minecraft by offering counterfeit APK files disguised as legitimate game enhancements. The threat posed is the delivery of malware capable of exfiltrating sensitive data, installing additional malicious payloads, or enrolling devices into botnets without user consent. This domain presents clear red flags confirmed by PhishDestroy's investigation. minecraftapk.onl was registered on February 02, 2026, through NameCheap, Inc., a commonly abused registrar for malicious domains. The domain resolves to IP address 172.67.192.11, hosted on infrastructure historically associated with malicious activity. Critically, VirusTotal currently reports 0 detections out of 95 security engines scanning the domain, indicating it remains under the radar despite active distribution. Additionally, the domain holds an SSL certificate issued by Google Trust Services, a tactic often used to lend false legitimacy to phishing and malware distribution sites. These technical indicators collectively confirm the domain's malicious intent and operational status. Users who have visited minecraftapk.onl or downloaded files from this site must take immediate action to mitigate risk. First, disconnect the device from all networks to prevent potential lateral movement or data exfiltration. Next, perform a full antivirus scan using an updated security solution to detect and remove any installed malware. Users should also revoke any unnecessary permissions granted to suspicious applications and consider a factory reset if the device exhibits unusual behavior. Report the domain to relevant authorities such as Google Safe Browsing, your antivirus vendor, and local cybercrime units to aid in its takedown. Avoid reusing passwords or credentials on other platforms, as stolen data may be leveraged in credential-stuffing attacks. Proactively monitoring financial accounts and enabling two-factor authentication on critical services is strongly advised. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-02 22:51:21 - Registrar: NameCheap, Inc. - IP: 172.67.192.11 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/minecraftapk.onl - PhishDestroy: https://phishdestroy.io/domain/minecraftapk.onl/ - LLM endpoint: https://phishdestroy.io/domain/minecraftapk.onl/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/minecraftapk.onl/ Last updated: 2026-04-03