# wah777.net — MALICIOUS

> Warning: wah777.net is a high-risk phishing domain. Avoid visiting to protect your personal data and devices.

## Summary
PhishDestroy identifies wah777.net as a high-risk phishing domain that poses significant threats to users. This site was flagged due to its association with deceptive activities aimed at stealing sensitive information. Although currently offline, its history suggests it targeted unsuspecting visitors with malicious intent.

The phishing scheme behind wah777.net involved mimicking a popular gaming platform, specifically PUBG Mobile, to lure users into a false sense of security. Visitors were likely enticed by promises of intense gaming action, only to be tricked into submitting personal details or login credentials. Such tactics are common in phishing attacks where attackers exploit trust in familiar brands to harvest data.

If you have accessed wah777.net, it is crucial to immediately change any passwords you may have entered on the site and monitor your accounts for suspicious activity. Running a thorough antivirus scan and enabling multi-factor authentication on your accounts can further protect your information. Users should remain vigilant and avoid interacting with any content from this domain to prevent potential harm.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: WAH777 : WAH 777 PUBG Mobile Aksi Intens & Menegangkan

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2026-08-29 00:00:00
- Registrar: NameSilo, LLC
- Country: US
- IP: 95.169.180.185
- IP Country: US
- IP City: Chicago
- IP Org: AS262287 Latitude.sh LTDA
- Nameservers: ns1.ullthost.homes ns1.wah777.net ns2.ullthost.homes ns2.wah777.net
- SSL Issuer: none

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Cluster25", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Seclookup", "SOCRadar", "Sophos", "Trustwave", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c3db1-0f2b-7667-ac55-f1211d725b22.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/92a5766d-81ea-49c2-a138-1ff125e283e6
- PhishDestroy: https://phishdestroy.io/domain/wah777.net/
- LLM endpoint: https://phishdestroy.io/domain/wah777.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/wah777.net/
Last updated: 2026-03-19