# rug-cashback.live — SUSPICIOUS

> PhishDestroy flags rug-cashback.live as an active crypto drainer impersonating a bogus cashback offer.

## Summary
PhishDestroy identifies the domain rug-cashback.live as an active crypto drainer campaign designed to trick users into connecting wallets under the false promise of cashback rewards.

This domain was flagged with an elevated risk level and has minimal detection coverage, with only 1 out of 95 VirusTotal security vendors currently flagging the URL. The domain was registered through PDR Ltd. d/b/a PublicDomainRegistry.com on March 24, 2026, and resolves to IP 172.67.174.48 under a Let's Encrypt SSL certificate, adding a false sense of legitimacy.

Users who visited this domain should immediately disconnect any connected wallets, revoke any unauthorized permissions, and scan their devices for malware. Avoid interacting with similar unsolicited cashback offers and verify URLs using PhishDestroy before taking any action.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-24 12:20:44
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 172.67.174.48

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/87740c53-e921-4743-910b-a51efd666ad4
- PhishDestroy: https://phishdestroy.io/domain/rug-cashback.live/
- LLM endpoint: https://phishdestroy.io/domain/rug-cashback.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rug-cashback.live/
Last updated: 2026-03-24