# monadreward.web.app — SUSPICIOUS

> monadreward.web.app impersonates Monad to steal crypto assets using a brand impersonation drainer kit. VirusTotal shows 0/95 detections.

## Summary
Domain monadreward.web.app is currently under investigation for brand impersonation targeting Monad users. This fraudulent site mimics Monad’s branding to deploy a drainer kit designed to siphon cryptocurrency from victims. The domain was registered through Google LLC and operates under the .web.app TLD, leveraging Google’s infrastructure to appear legitimate. This suggests a deliberate attempt to exploit trust in Google-hosted services while impersonating a legitimate blockchain project.  This domain resolves to IP 199.36.158.100 and currently holds a clean VirusTotal score of 0/95 detections, indicating that traditional antivirus engines have not yet identified its malicious payload. The domain is registered under Google LLC, which is a common tactic among threat actors seeking to bypass early detection mechanisms. Additionally, the site utilizes a Google Trust Services SSL certificate, further enhancing its credibility to potential victims. No blocklist entries have been recorded as of this analysis, though the active drainer kit remains unmitigated.  As of this report, the domain remains active and poses an evolving threat due to its unflagged status. Users are advised to exercise extreme caution, verify all transaction URLs against official Monad channels, and avoid interacting with unsolicited links. Security researchers should monitor this domain for updates as detection signatures develop. The current risk level is classified as under_investigation, but the presence of an unflagged drainer kit indicates a high potential for financial harm.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Monad

## Domain Intelligence
- Registrar: Google LLC
- IP: 199.36.158.100

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/monadreward.web.app
- PhishDestroy: https://phishdestroy.io/domain/monadreward.web.app/
- LLM endpoint: https://phishdestroy.io/domain/monadreward.web.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/monadreward.web.app/
Last updated: 2026-04-10