# userashii.github.io — MALICIOUS > userashii.github.io is a crypto drainer impersonating legitimate brands. PhishDestroy flags this domain after 16/95 VirusTotal detections. ## Summary userashii.github.io is a confirmed crypto drainer site designed to trick cryptocurrency users into connecting wallets and authorize malicious transactions. Once loaded, the page mimics a legitimate project or service interface, often mimicking NFT or DeFi platforms to appear credible. Victims who interact with wallet connection prompts risk having tokens drained directly from their wallets due to embedded smart contract approvals or malicious JavaScript execution. This domain leverages GitHub Pages to host its fraudulent content, exploiting free hosting to evade immediate takedown and blend into legitimate development activity. PhishDestroy identifies this domain as a high-risk active threat based on multiple independent detections. The domain was flagged by 16 out of 95 VirusTotal security vendors and is officially listed by Google Safe Browsing under the SOCIAL_ENGINEERING category. It is hosted on GitHub Pages (via GitHub, Inc.) and resolves to IP address 185.199.108.153. While the SSL certificate is issued by Let's Encrypt, providing a false sense of security, this does not validate the site's legitimacy. The domain has likely been active recently, though exact registration date is not provided through this dataset. Its use of a reputable hosting provider highlights a growing trend among threat actors who abuse trusted platforms to deliver crypto drainers. If you visited userashii.github.io, do not connect your wallet or enter any credentials. Disconnect your device from the internet if possible, then clear your browser cache and run a full antivirus scan. If you connected your wallet, revoke all malicious token approvals immediately using tools like revoke.cash or your wallet’s built-in approval manager. Report the domain to your wallet provider and file a complaint with your local cybercrime unit or the FBI IC3 portal if financial loss occurred. Always verify URLs via official channels before interacting and use hardware wallets for high-value transactions. Block this domain in your hosts file or network firewall to prevent future access. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 16 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b438a706-f176-4c1b-ab89-e165461a8200 - PhishDestroy: https://phishdestroy.io/domain/userashii.github.io/ - LLM endpoint: https://phishdestroy.io/domain/userashii.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/userashii.github.io/ Last updated: 2026-03-24