# studiotools.space — SUSPICIOUS

> studiotools.space is a Google Ads phishing domain flagged by 2/95 VirusTotal engines. This fraudulent site mimics a legitimate studio tools service to steal.

## Summary
PhishDestroy identifies studiotools.space as an active Google Ads phishing domain designed to harvest cryptocurrency wallet credentials and user login details through deceptive advertisements. This threat leverages paid search results to impersonate a legitimate studio tools service, redirecting unsuspecting users to a fraudulent landing page where malicious scripts capture sensitive data. The domain employs a drainer kit optimized for crypto theft, targeting individuals searching for professional studio software or related services.  studiotools.space exhibits a high-risk profile with precise technical indicators: it resolves to IP 172.67.158.108, was registered on December 11, 2025 through PDR Ltd. d/b/a PublicDomainRegistry.com, and holds an SSL certificate issued by Google Trust Services. VirusTotal analysis flags this domain with a 2/95 detection score, indicating minimal vendor recognition despite its active malicious operations. The domain remains unlisted on major blocklists, compounding its threat potential as it flies under the radar of conventional security measures.  As of the latest assessment, studiotools.space remains active and operational, with no confirmed takedown or mitigation measures in place. Users are strongly advised to avoid clicking on any paid advertisements for this domain and to verify the legitimacy of studio tools services through official channels. The elevated risk persists due to the domain’s recent creation, lack of widespread detection, and sophisticated phishing infrastructure. Immediate avoidance and reporting of this domain are critical to prevent credential theft and financial loss.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-11 16:43:56
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 172.67.158.108

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9a95c50c-7899-4dfb-8cdc-45efb4b8c5a8
- PhishDestroy: https://phishdestroy.io/domain/studiotools.space/
- LLM endpoint: https://phishdestroy.io/domain/studiotools.space/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/studiotools.space/
Last updated: 2026-03-29