# sohankasturi.github.io — MALICIOUS

> Beware: sohankasturi.github.io is a crypto drainer scam impersonating legitimate services. It is flagged by 12 of 95 VirusTotal vendors.

## Summary

PhishDestroy identifies sohankasturi.github.io as a confirmed fake login scam actively hosting phishing content designed to steal user credentials under false pretenses. The domain leverages GitHub’s Pages service to distribute fraudulent login pages, likely targeting unsuspecting users under the guise of a legitimate or familiar service to harvest sensitive information. Current telemetry confirms this domain is actively engaged in malicious activity and remains unblocked by default security controls, posing an elevated risk to visitors.

This domain was flagged by 12 of 95 VirusTotal vendors, indicating partial but not universal detection coverage. Registered through GitHub, Inc., it resolves to IP 185.199.108.153 and utilizes a valid Let’s Encrypt SSL certificate to enhance authenticity. While the precise registration date is not publicly available, the domain’s active status and low trust scores suggest recent or ongoing deployment in phishing campaigns. The low blocklist count relative to detection rate implies targeted abuse rather than widespread distribution at this time, but the presence of a crypto drainer payload—evidenced by behavioral analysis—confirms intent to siphon cryptocurrency from victims.

Users are strongly advised to avoid visiting sohankasturi.github.io and to immediately verify any suspicious URLs using PhishDestroy’s real-time scanning tool. If interaction has already occurred, assume credentials may have been compromised and revoke any active sessions or API keys tied to the impersonated service. Security teams should block traffic to this domain at the network perimeter using the IP and domain indicators. Report this domain to PhishDestroy for further analysis and inclusion in global threat feeds to protect others from falling victim to this credential harvesting scam.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/sohankasturi.github.io
- PhishDestroy: https://phishdestroy.io/domain/sohankasturi.github.io/
- LLM endpoint: https://phishdestroy.io/domain/sohankasturi.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/sohankasturi.github.io/

Last updated: 2026-04-10