# shekharscript.github.io — MALICIOUS

> PhishDestroy identifies shekharscript.github.io as a crypto drainer phishing site flagged by 16/95 VirusTotal vendors via GitHub hosting.

## Summary
PhishDestroy identifies shekharscript.github.io as a live cryptocurrency-draining phishing site. The domain masquerades as a legitimate GitHub Pages project to trick visitors into connecting crypto wallets and signing malicious transactions that silently drain funds. Google’s Safe Browsing already classifies it under SOCIAL_ENGINEERING, indicating intentional deception designed to harvest credentials or assets through fake interfaces.  This domain was flagged by 16 of 95 VirusTotal security vendors and resolves to IP 185.199.108.153 under a Let’s Encrypt SSL certificate—common indicators of opportunistic hosting abuse. Registered through GitHub, Inc., the page leverages GitHub’s trusted infrastructure to appear credible while pushing unauthorized wallet connection prompts. Its active phishing payload targets wallet signatures and private key exposure, posing immediate financial risk to any visitor prompted to “connect” or “approve.”  If you accessed shekharscript.github.io, immediately disconnect your wallet, revoke any unauthorized approvals via blockchain explorers or wallet interfaces, and run a full antivirus scan. Do not enter credentials or sign transactions on this page. Report the domain to GitHub abuse and your wallet provider, and warn others who may have received similar links.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/93492467-ae92-4b1c-87d4-ce4fac4baf67
- PhishDestroy: https://phishdestroy.io/domain/shekharscript.github.io/
- LLM endpoint: https://phishdestroy.io/domain/shekharscript.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/shekharscript.github.io/
Last updated: 2026-03-24