# vektral.app — SUSPICIOUS

> vektral.app impersonates a cryptocurrency platform to steal funds via a phishing drainer kit. VirusTotal score 0/95. Check the full report.

## Summary
vektral.app is an active phishing domain first observed on March 18, 2026, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolving to IP 94.154.172.39. The domain currently hosts or redirects to a generic phishing page impersonating a cryptocurrency investment portal, indicating a likely drainer kit deployment aimed at crypto asset theft. The campaign remains under active investigation with no confirmed brand mimicry at this time.

Technical indicators include a VirusTotal detection score of 0/95, a Let's Encrypt SSL certificate, and a domain creation date of March 18, 2026. Current blocklist assessments are pending; the domain is not yet flagged on Google Safe Browsing. The registrar NICENIC INTERNATIONAL GROUP CO., LIMITED is known for bulk registrations and has been associated with prior low-effort phishing campaigns.

As of the investigation timestamp, vektral.app is considered ACTIVE with an under-investigation risk rating. Immediate recommended actions include network-level blocking of 94.154.172.39 and domain-level blocking of vektral.app. Users are advised to avoid interaction and report any observed activity via threat intelligence platforms. The residual risk remains elevated due to the domain’s recent registration, lack of detections, and potential for rapid evolution into a higher-confidence threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-18 08:50:31
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 94.154.172.39

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/dd2be80f-9276-452c-995d-4345846da1ff
- PhishDestroy: https://phishdestroy.io/domain/vektral.app/
- LLM endpoint: https://phishdestroy.io/domain/vektral.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vektral.app/
Last updated: 2026-03-23