# move-drops.icu — SUSPICIOUS

> PhishDestroy warns: move-drops.icu impersonates a crypto platform as a crypto drainer. This domain, created August 04, 2025, is flagged by 3/95 security vendors.

## Summary
PhishDestroy identifies move-drops.icu as an active crypto drainer posing under the guise of legitimate crypto services, classifying this phishing domain with an elevated risk level.

Captured on VirusTotal, this domain shows a notable 3 out of 95 security vendors flagging the threat, starkly highlighting its malicious intent. Registered through PDR Ltd. d/b/a PublicDomainRegistry.com, the domain resolves to IP 172.67.190.70. First observed on August 04, 2025, the domain carries a Google Trust Services SSL certificate, yet still leverages deceptive tactics to lure victims. Current evidence suggests active deployment without widespread blocklisting, underscoring the need for heightened scrutiny.

Users should immediately abstain from interacting with move-drops.icu, especially for any crypto-related activities. Verify the domain’s legitimacy by cross-referencing with PhishDestroy’s threat intelligence feeds before clicking any links or inputting credentials. Additionally, organizations are advised to block IP 172.67.190.70 at the firewall level and update internal blocklists to prevent accidental exposure. Immediate reporting of any interactions with this domain to PhishDestroy or relevant security teams can help mitigate ongoing campaigns.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-08-04 08:51:07
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 172.67.190.70

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c26276f6-5008-4341-90bf-cc8339cfaf18
- PhishDestroy: https://phishdestroy.io/domain/move-drops.icu/
- LLM endpoint: https://phishdestroy.io/domain/move-drops.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/move-drops.icu/
Last updated: 2026-03-29