# muqeet377.github.io — MALICIOUS

> PhishDestroy identifies muqeet377.github.io as a crypto drainer scam—15/95 security vendors flag it. Avoid connecting wallets or entering data.

## Summary

PhishDestroy identifies muqeet377.github.io as a generic phishing site operating as a crypto drainer, likely targeting cryptocurrency wallet connections or private key harvesting to facilitate fund theft. The domain is not masquerading as a specific brand (e.g., Coinbase or MetaMask), which suggests opportunistic credential or asset theft rather than high-value impersonation campaigns. Its use of a GitHub Pages subdomain implies low operational cost and quick deployment, a common tactic among opportunistic threat actors seeking to evade detection while distributing drainer scripts or phishing forms. The absence of known brand impersonation in historical telemetry limits contextual threat attribution, but the generic nature of the domain and the presence of a crypto drainer payload align with automated or semi-automated phishing campaigns targeting decentralized finance (DeFi) users.

Technical indicators confirm elevated risk: VirusTotal detection stands at 15 out of 95 security vendors, correlating with widespread suspicion but limited consensus. The domain resolves to IP 185.199.108.153 via GitHub, Inc., a legitimate hosting provider that has been abused for malicious content delivery. No Google Safe Browsing (GSB) blocklist status or public creation date is available through open sources, indicating recent registration or deliberate obfuscation. Independent threat intelligence platforms report no known association with major drainer kits (e.g., Angel Drainer, Inferno Drainer), suggesting either a bespoke or recycled exploit rather than deployment of a premium, signature-based threat suite.

As of current assessment, the domain remains active with no visible takedown actions.
GitHub-hosted content can be removed under abuse policies, but threat actors often migrate quickly to alternate subdomains or domains. The elevated risk (per seed 1a4c61) persists due to active hosting, low detection consensus, and cryptocurrency-focused delivery vectors. Users should avoid interaction entirely, especially wallet connections or sensitive data entry. Report the domain to GitHub Abuse and local CERT teams via phishing abuse channels. Remaining risk is MODERATE-HIGH pending removal or network-level blocking.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/a2d73f27-1255-4c01-b148-8c75bafc6a32
- PhishDestroy: https://phishdestroy.io/domain/muqeet377.github.io/
- LLM endpoint: https://phishdestroy.io/domain/muqeet377.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/muqeet377.github.io/

Last updated: 2026-03-24