# odogamb.cc — MALICIOUS

> odogamb.cc is a crypto drainer phishing site with 6/95 VirusTotal detections. Check the full report to verify safety and assess risks before interaction.

## Summary
odogamb.cc is a recently activated crypto drainer phishing domain designed to deceive users into connecting cryptocurrency wallets and transferring assets to attacker-controlled addresses. This domain mimics legitimate crypto-related services or brands to exploit trust and facilitate financial theft. The infrastructure leverages a drainer kit commonly associated with clipboard hijackers and wallet-draining malware, which alters cryptocurrency wallet addresses in real time to redirect transactions to adversary-controlled addresses. The domain does not appear to impersonate a specific brand but instead uses a generic crypto-themed naming convention to attract victims searching for decentralized finance (DeFi) or trading tools.  

This domain was flagged by PhishDestroy with an elevated risk rating based on multiple technical indicators. According to VirusTotal, 6 out of 95 security vendors have detected malicious activity associated with odogamb.cc as of the latest scan. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolved to IP address 188.114.97.3 at the time of analysis. The domain was created on March 30, 2026, which is highly unusual and indicative of a fast-turnover malicious campaign. The SSL certificate is issued by Let's Encrypt, a common tactic used by threat actors to appear legitimate. While Google Safe Browsing (GSB) status and blocklist counts are not specified in this report, the combination of low VT detection ratio, recent registration, and IP association suggests active but not yet widely blocked infrastructure.  

As of the current assessment, odogamb.cc remains active and poses an elevated threat to users engaging with crypto-related services. Immediate defensive actions include blocking the domain at the network perimeter and updating browser blacklists to prevent access. Users should avoid visiting the site and verify any crypto-related links through trusted sources before interaction. Although the domain uses a legitimate-looking SSL certificate, this does not guarantee safety. The risk remains elevated due to the active campaign lifecycle and low cross-vendor detection. Continuous monitoring and threat intelligence sharing are recommended to prevent further victimization.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-30 08:03:08
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b7617dfd-76a1-4283-b588-92774d08384c
- PhishDestroy: https://phishdestroy.io/domain/odogamb.cc/
- LLM endpoint: https://phishdestroy.io/domain/odogamb.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/odogamb.cc/
Last updated: 2026-04-14