# segera-ambildanakagetmu.duckdns.org — MALICIOUS

> segera-ambildanakagetmu.duckdns.org is a crypto drainer phishing site flagged by 19 of 95 VirusTotal vendors. Avoid this domain to prevent cryptocurrency theft.

## Summary

PhishDestroy identifies segera-ambildanakagetmu.duckdns.org as an active crypto drainer phishing site posing significant risk to cryptocurrency users. This fraudulent domain is designed to trick visitors into connecting their digital wallets with malicious intent, specifically targeting cryptocurrency holdings rather than traditional credentials or personal data. The site masquerades as a legitimate service promising quick fund transfers or urgent account actions, a common tactic among crypto drainers to lure victims into unauthorized wallet connections.

This domain was flagged by 19 security vendors out of 95 according to VirusTotal analysis, indicating widespread recognition of its malicious nature. The domain resolves to IP address 164.92.106.135 and is associated with the DuckDNS dynamic DNS service, which threat actors frequently exploit to host malicious infrastructure. The SSL certificate issued for segera-ambildanakagetmu.duckdns.org suggests an attempt to appear legitimate, though the domain name itself is clearly nonsensical and designed to deceive through urgency and emotional manipulation. Security systems including OpenPhish have already blocked this domain, but new versions frequently emerge as threat actors rotate infrastructure.

If you visited segera-ambildanakagetmu.duckdns.org, immediately disconnect your wallet from any unfamiliar websites, revoke any suspicious permissions through your wallet interface, and transfer remaining funds to a new wallet if you suspect compromise. Never enter wallet recovery phrases or private keys on any website, no matter how urgent the message appears. Report any unauthorized transactions to your wallet provider and local cybercrime authorities immediately.

Consider using hardware wallets and URL filtering tools to prevent future exposure to crypto drainer domains. Monitor your transaction history closely in the coming days, as drained funds may not be immediately apparent through conventional notification systems.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: REGISTRAR_NOT_FOUND
- IP: 164.92.106.135

## Detection Status

- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hit
  - Lists: ["OpenPhish"]

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/8740fbd5-a50e-442f-8fd6-4c320e351a72
- PhishDestroy: https://phishdestroy.io/domain/segera-ambildanakagetmu.duckdns.org/
- LLM endpoint: https://phishdestroy.io/domain/segera-ambildanakagetmu.duckdns.org/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/segera-ambildanakagetmu.duckdns.org/

Last updated: 2026-03-29