# naufanriyaz.github.io — MALICIOUS > naufanriyaz.github.io is a live crypto drainer phishing site flagged by 9 of 95 VirusTotal scanners. Avoid this GitHub-hosted credential theft trap. ## Summary PhishDestroy identifies naufanriyaz.github.io as an active crypto drainer domain posing elevated theft risk to visitors. This GitHub Pages host at 185.199.108.153 runs a JavaScript-based drainer that silently transfers cryptocurrency from connected wallets once a victim authorizes a transaction. Security vendors already caught 9 out of 95 engines detecting malicious payloads, and the Let’s Encrypt certificate lends unwarranted credibility to the scam page. This domain was registered through GitHub, Inc. and first resolved on an unknown date; however, VirusTotal’s latest scan shows 9 vendors flagging the page, confirming live malicious activity. The IP 185.199.108.153 is part of GitHub’s Pages infrastructure, making the scam harder to block without blocking GitHub itself. Technical analysis indicates the page impersonates a wallet service to trick users into connecting their wallets, after which the drainer drains tokens automatically. If you visited naufanriyaz.github.io, immediately disconnect your wallet from any dApps and revoke any approvals granted to the site via your wallet’s “connected apps” menu. Run a malware scan on your device, change any reused passwords, and monitor blockchain transaction history for unauthorized transfers. Report the domain to your antivirus vendor and GitHub’s abuse team so they can take the page offline. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 9 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/6fc8853f-aff9-490b-af0e-d849a1b43bf4 - PhishDestroy: https://phishdestroy.io/domain/naufanriyaz.github.io/ - LLM endpoint: https://phishdestroy.io/domain/naufanriyaz.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/naufanriyaz.github.io/ Last updated: 2026-03-23