# vimaldev-24.github.io — MALICIOUS

> Domain vimaldev-24.github.io is a confirmed crypto-draining phishing site. Flagged by 14 of 95 VirusTotal vendors and listed unsafe by Google Safe Browsing.

## Summary
This domain, vimaldev-24.github.io, operates as a crypto-draining phishing site with a high risk rating and active status, first identified through seed fa1efe.  VimalDev-24.github.io was flagged as a social engineering threat by Google Safe Browsing and currently shows detections from 14 of 95 VirusTotal security vendors. The domain resolves to IP 185.199.108.153 and is hosted on GitHub, Inc. infrastructure. The SSL certificate is issued by Let’s Encrypt, indicating encrypted delivery of malicious content.  Security telemetry identifies this domain as actively involved in credential theft campaigns targeting crypto users. With a high risk classification, low trust scores, and a blocklist presence in multiple feeds, the site poses a significant threat to unsuspecting visitors. Action is required due to ongoing abuse via GitHub Pages, leveraging trusted domains to bypass browser filters.  It is strongly advised to block vimaldev-24.github.io at the network and DNS levels. Users should avoid visiting the site, clear cached credentials, and report the domain to threat intelligence platforms. Security teams should update firewall and proxy rules to prevent access via IP or domain. Immediate isolation and incident response procedures are recommended upon any exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b51e48fb-5c3e-414e-a59f-6a2e86c7cb81
- PhishDestroy: https://phishdestroy.io/domain/vimaldev-24.github.io/
- LLM endpoint: https://phishdestroy.io/domain/vimaldev-24.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vimaldev-24.github.io/
Last updated: 2026-04-01