# sofiyamasthan1317.github.io — SUSPICIOUS

> Beware: sofiyamasthan1317.github.io is a LIVE crypto drainer impersonating legitimate crypto services. Verify this link on PhishDestroy before clicking.

185.199.

## Summary

PhishDestroy identifies sofiyamasthan1317.github.io as an active crypto drainer domain operating under a social-engineering campaign. The site is a GitHub-hosted page that mimics legitimate crypto service interfaces to trick users into connecting wallets and signing malicious transactions. This configuration suggests the use of a drainer kit designed to exfiltrate cryptocurrency assets directly upon signature authorization. While no specific brand is referenced in the available data, the domain’s structure and hosting align with common crypto drainer tactics observed across public repositories.

This domain resolves to IP 185.199.108.153 and is currently blocked by two major threat intelligence feeds, including OpenPhish and OISD. VirusTotal shows 0 out of 95 security engines detecting the domain at the time of analysis, indicating a low initial detection rate despite active abuse. The domain was registered through GitHub, Inc., leveraging a legitimate hosting platform to evade immediate takedowns, and operates with a Let’s Encrypt SSL certificate to appear trustworthy. Google Safe Browsing has already classified it under the SOCIAL_ENGINEERING threat category. These technical indicators collectively highlight the sophistication of the operation and its attempt to blend into benign web infrastructure.

The current status of sofiyamasthan1317.github.io remains active and under active investigation by PhishDestroy. The domain continues to present a significant risk to users engaging with crypto services via this link. While GitHub has not yet removed the page, PhishDestroy recommends immediate avoidance and verification via its platform before any interaction.
Users who have already visited this site are advised to revoke any connected wallet permissions and check transaction histories for unauthorized transfers. The remaining risk is high due to low detection rates and active evasion tactics, reinforcing the need for continued monitoring and user caution.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  - Lists: ["OpenPhish", "OISD"]

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/sofiyamasthan1317.github.io
- PhishDestroy: https://phishdestroy.io/domain/sofiyamasthan1317.github.io/
- LLM endpoint: https://phishdestroy.io/domain/sofiyamasthan1317.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/sofiyamasthan1317.github.io/

Last updated: 2026-04-04