# revoke-steakhouse.app — SUSPICIOUS > PhishDestroy identifies revoke-steakhouse.app as a brand impersonation scam impersonating OKX with 0/95 VirusTotal detections. ## Summary PhishDestroy has flagged revoke-steakhouse.app (seed 6bb864) as an active domain engaged in brand impersonation targeting OKX, a major cryptocurrency exchange. This domain mimics OKX’s branding to deceive users into surrendering credentials or installing malware, leveraging urgency (e.g., 'revoke access') common in credential-harvesting campaigns. The threat actor operates a spoofed site designed to exploit user trust in legitimate platforms, a tactic increasingly prevalent in crypto-related phishing. This domain resolves to IP 172.67.150.242 and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 30, 2026. Notably, VirusTotal currently reports 0/95 detections, indicating it evades most antivirus engines, while the Let's Encrypt SSL certificate lends it a veneer of legitimacy. Although not yet widely blocklisted, its recent creation and affinity for OKX branding suggest emerging malicious activity. Users who visited revoke-steakhouse.app are advised to immediately disconnect from the internet, revoke any shared credentials via OKX’s official site, and scan devices for malware. Report the domain to OKX’s fraud team and your local cybersecurity authority. Avoid clicking links from unsolicited emails or messages referencing 'revoked' accounts, as these often precede such lures. Proactively monitor financial accounts for irregularities. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: OKX ## Domain Intelligence - Registered: 2026-03-30 14:56:18 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.150.242 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/revoke-steakhouse.app - PhishDestroy: https://phishdestroy.io/domain/revoke-steakhouse.app/ - LLM endpoint: https://phishdestroy.io/domain/revoke-steakhouse.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/revoke-steakhouse.app/ Last updated: 2026-04-02