# moonshotsvote.fun — SUSPICIOUS > moonshotsvote.fun impersonates Moonshot in a brand impersonation phishing scam. VirusTotal score: 0/95. Check the full report. ## Summary PhishDestroy identifies moonshotsvote.fun as an active brand impersonation campaign targeting Moonshot users. This domain employs deceptive tactics to mimic official Moonshot branding, aiming to harvest credentials or distribute malicious payloads. The campaign’s infrastructure and methodology remain under investigation, but preliminary analysis suggests a focus on deception through visual replication of trusted Moonshot interfaces. No drainer kit or secondary payloads have been confirmed at this stage, though the threat is considered active. Technical indicators for moonshotsvote.fun are concerning. The domain resolves to Internet Protocol (IP) address 172.67.168.194 and was registered on March 28, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com. Despite the domain’s recent creation, it has already been assigned an SSL certificate via Let’s Encrypt, which may serve to enhance its perceived legitimacy. VirusTotal currently reports 0 out of 95 detection engines flagging this domain as malicious, indicating its novelty and lack of widespread recognition as a threat. The domain has not been flagged by Google Safe Browsing (GSB) and is not yet listed on any known blocklists. This low detection rate and absence from threat intelligence feeds underscore the need for proactive monitoring and user awareness. This campaign is classified as active with a risk level marked as 'under_investigation', reflecting the current lack of conclusive evidence regarding its ultimate objectives. The absence of detections and blocklist inclusions suggests the threat actors may be in initial deployment phases or testing the domain’s effectiveness. Until additional information emerges, users should exercise extreme caution when encountering moonshotsvote.fun or related domains. Organizations and individuals are advised to verify URLs, avoid interacting with unsolicited communications, and report suspicious domains to relevant threat intelligence platforms or cybersecurity teams. The remaining risk is deemed moderate, contingent on the campaign’s evolution and the deployment of more sophisticated evasion techniques. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Moonshot ## Domain Intelligence - Registered: 2026-03-28 10:30:57 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.168.194 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/moonshotsvote.fun - PhishDestroy: https://phishdestroy.io/domain/moonshotsvote.fun/ - LLM endpoint: https://phishdestroy.io/domain/moonshotsvote.fun/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/moonshotsvote.fun/ Last updated: 2026-04-05