# multibit.info — MALICIOUS

> Caution: multibit.info is flagged for phishing risks. Avoid entering sensitive data and verify wallet sources before use.

## Summary
PhishDestroy identifies multibit.info as a high-risk domain associated with generic phishing activities targeting cryptocurrency users. Although it presents itself as a Bitcoin wallet service, the site’s legitimacy is compromised, posing significant threats to users seeking decentralized wallet solutions. The domain is currently active but has been flagged by multiple security vendors and listed on at least one security blocklist, indicating a confirmed risk.

This phishing operation likely attempts to trick users by mimicking legitimate Bitcoin wallet services, such as the original MultiBit Wallet, to steal login credentials or private keys. By visiting multibit.info, users might be prompted to enter sensitive information which can then be harvested for unauthorized access to their cryptocurrency accounts or wallets. The use of a domain resolving to 146.70.233.86 and its detection by 17 out of 95 VirusTotal vendors emphasize the domain’s malicious intent.

If someone has visited multibit.info, it is crucial to avoid entering any personal or financial information. Users who have already shared sensitive data should immediately change their wallet passwords and enable additional security measures like two-factor authentication. Monitoring wallet transactions for suspicious activity and consulting official wallet providers for recovery steps are highly recommended. For safe Bitcoin transactions, always access wallets from trusted and verified sources.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Multibit Wallet - Helping you keep Bitcoin decentralized.

## Domain Intelligence
- Registered: 2026-03-10 13:07:01
- Registrar: REGISTRAR_NOT_FOUND
- IP: 146.70.233.86
- IP Country: CH
- IP City: Zürich
- IP Org: AS9009 M247 Europe SRL
- Nameservers: ns1.146-70-233-84.cprapid.com ns2.146-70-233-84.cprapid.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "BitDefender", "Certego", "CyRadar", "ESTsecurity", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Live Page Content

### Page Text
Forbidden

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd797-8b98-752e-899a-0ffc5a16aa1c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/d219bbc7-492d-4b79-b7b7-7edec266aa9e
- PhishDestroy: https://phishdestroy.io/domain/multibit.info/
- LLM endpoint: https://phishdestroy.io/domain/multibit.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/multibit.info/
Last updated: 2026-03-15