# monsterwa.id — SUSPICIOUS > PhishDestroy identifies monsterwa.id as a crypto-draining phishing page with zero VirusTotal detections. Verify suspicious links on PhishDestroy before clicking. ## Summary PhishDestroy identifies monsterwa.id as a generic phishing domain (seed a2d372) actively operating as a crypto drainer kit. While the domain does not currently impersonate a specific brand, it is configured to harvest cryptocurrency wallet credentials or private keys under the guise of a legitimate service. The infrastructure aligns with known patterns used by opportunistic threat actors to intercept unauthorized transfers and divert funds to attacker-controlled wallets. No custom drainer kit signature or unique JavaScript payload has been publicly disclosed, suggesting the use of off-the-shelf tools or newly deployed templates. This domain resolves to IP 172.67.69.214 and was created on January 01, 2026—an unusually recent registration that often correlates with malicious campaigns. It is registered through PT Digital Registra Indonesia and secured with a Google Trust Services SSL certificate, which may be used to lend false credibility to the site. As of the latest scan, VirusTotal reports 0 detections out of 95 engines, indicating that traditional antivirus engines have not yet flagged the domain. The site is not currently blocked by Google Safe Browsing (GSB), and no confirmed entries exist in public blocklists, suggesting a very low initial detection footprint. PhishDestroy has marked monsterwa.id as active under investigation with a medium risk level pending further behavioral analysis. No official takedown requests have been processed, and the domain remains accessible as of seed a2d372. Users are strongly advised to avoid interacting with any links or content associated with monsterwa.id. To enhance safety, always verify unknown domains using PhishDestroy’s real-time scanning tool before entering sensitive information or making transactions. Remaining risk includes potential zero-day status, delayed detection by security vendors, and continued use in spam or social engineering campaigns. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-01 03:54:36 - Registrar: PT Digital Registra Indonesia - IP: 172.67.69.214 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a94c2e70-1524-4303-b691-8f62f0c18a58 - PhishDestroy: https://phishdestroy.io/domain/monsterwa.id/ - LLM endpoint: https://phishdestroy.io/domain/monsterwa.id/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/monsterwa.id/ Last updated: 2026-03-25