# sabithulla-16.github.io — MALICIOUS

> PhishDestroy identifies sabithulla-16.github.io as a crypto drainer mimicking legitimate crypto platforms. Flagged by 12 of 95 VirusTotal vendors.

## Summary

PhishDestroy has identified sabithulla-16.github.io as an active crypto drainer posing as a legitimate crypto service. The domain is currently classified under the generic phishing threat type and remains in active operation as of the latest analysis. This deceptive site leverages social engineering tactics to trick users into connecting their cryptocurrency wallets, enabling malicious actors to drain funds without consent.

This domain was flagged by 12 of 95 VirusTotal security vendors, placing it under high-risk scrutiny. It resolves to IP address 185.199.108.153 and is registered through GitHub, Inc. The domain is included on one security blocklist and has been flagged by Google Safe Browsing under the SOCIAL_ENGINEERING category due to its fraudulent impersonation of crypto platforms. It utilizes a Let’s Encrypt SSL certificate to appear legitimate and maintain user trust. Despite its GitHub hosting, the domain’s malicious intent is evident through its association with known phishing infrastructure and cryptocurrency theft.

Given the high-risk status and confirmed malicious activity, PhishDestroy strongly advises users to avoid accessing sabithulla-16.github.io entirely. Organizations should block this domain at the network perimeter and update firewall rules to prevent outbound connections. Additionally, security teams should conduct endpoint scans for any signs of wallet or credential compromise related to this domain. Users who may have interacted with this site should immediately revoke any connected wallet permissions and transfer remaining assets to a secure, isolated wallet. Stay vigilant against crypto drainer campaigns and prioritize wallet security through hardware-based solutions and multi-signature authentication.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 12 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hit
  - Lists: ["OpenPhish"]

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/1cad4729-64a3-43f7-9967-65f81847db62
- PhishDestroy: https://phishdestroy.io/domain/sabithulla-16.github.io/
- LLM endpoint: https://phishdestroy.io/domain/sabithulla-16.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/sabithulla-16.github.io/

Last updated: 2026-03-31