# update365b.live — SUSPICIOUS

> update365b.live is a credential phishing domain mimicking an official update portal, flagged by 2 of 95 VirusTotal vendors.

## Summary
update365b.live is identified as an active credential phishing domain posing as a legitimate software update portal. The domain is designed to deceive users into submitting login credentials or personal information under false pretenses, exploiting trust in update notifications. Based on current intelligence, the threat is classified as credential phishing with an elevated risk level, and the domain remains active as of the latest assessment.


PhishDestroy identifies this domain as a credential phishing operation targeting users with fraudulent update notifications. The domain resolves to IP address 145.79.213.135 and employs a Let's Encrypt SSL certificate to appear legitimate. This domain was flagged by 2 of 95 VirusTotal security vendors, indicating limited but concerning detection. Registered through HOSTINGER operations, UAB, the domain was created on March 27, 2026, suggesting a recent and opportunistic setup. The low blocklist count and absence of established trust scores further highlight its transient and malicious nature. The use of HOSTINGER as a registrar does not imply legitimacy, as abuse is commonly observed with this provider.


The current status of update365b.live remains active, with no evidence of takedown or remediation at this time. Users are strongly advised to avoid interacting with this domain, particularly any prompts requesting login credentials or personal information. If encountered, report the domain to your organization's security team or through platforms like Google Safe Browsing, PhishTank, or your local CERT. To mitigate risk, ensure multi-factor authentication is enabled on all accounts, especially those tied to software updates or system notifications. Consider blocking the domain and IP address at your network perimeter to prevent accidental exposure. Stay vigilant for similar domains, as threat actors frequently rotate infrastructure to evade detection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-27 10:15:11
- Registrar: HOSTINGER operations, UAB
- IP: 145.79.213.135

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0de24d9a-a024-417e-b80f-138250df77b2
- PhishDestroy: https://phishdestroy.io/domain/update365b.live/
- LLM endpoint: https://phishdestroy.io/domain/update365b.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/update365b.live/
Last updated: 2026-03-27