# trusdwallet.github.io — MALICIOUS

> GitHub-hosted trusdwallet.github.io is a crypto drainer using 15/95 vendor detections; avoid wallet connections and report any unauthorized transactions.

## Summary
trusdwallet.github.io presents an elevated risk as an active crypto drainer targeting cryptocurrency wallets through deceptive web interfaces. The domain is hosted on GitHub Pages at 185.199.111.153 and leverages a Let’s Encrypt SSL certificate to appear legitimate. Security vendor detection confirms 15 out of 95 engines flag malicious activity, underscoring its malicious intent. Its association with GitHub Pages does not imply endorsement, as the platform is frequently abused for hosting phishing and crypto-draining scams.

This domain was registered through GitHub, Inc., resolving to IP 185.199.111.153, and shows consistent malicious classification across threat intelligence feeds. With a detection ratio of 15/95 on VirusTotal, it is widely recognized as a crypto drainer designed to siphon funds from unsuspecting users. The use of a reputable certificate authority further complicates detection for end-users, who may assume the service is safe due to the presence of HTTPS.

To mitigate risk, users must avoid interacting with trusdwallet.github.io or any associated wallet connection prompts. If funds have been drained, immediately revoke any connected wallet permissions and report the incident to relevant blockchain analytics platforms and local authorities. Block the domain at network and endpoint levels using threat intelligence feeds referencing this advisory. Always verify sources before connecting wallets and use hardware wallets for high-value transactions to minimize exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.111.153

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/trusdwallet.github.io
- PhishDestroy: https://phishdestroy.io/domain/trusdwallet.github.io/
- LLM endpoint: https://phishdestroy.io/domain/trusdwallet.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trusdwallet.github.io/
Last updated: 2026-04-08