# www.lilpepe.app — SUSPICIOUS

> Beware! lilpepe.app impersonates Pepe crypto brands with a crypto drainer kit stealing $1K+ per victim. Verify on PhishDestroy before clicking.

## Summary
PhishDestroy identifies lilpepe.app as a live crypto drainer scam active since mid-2024, targeting PepeCoin and memecoin communities. This domain masquerades as a legitimate Pepe-themed wallet or NFT site to trick victims into connecting wallets and signing malicious drainer transactions. No technical association with the Pepe brand has been confirmed; the site uses a Google Trust Services SSL certificate to appear credible while hosting a JavaScript-based drainer kit on the landing page, observed exfiltrating private keys and initiating silent token transfers.


exact indicators are as follows: VirusTotal score 1/95 security vendors (1.05% detection); domain created 2024-05-12; hosted on IP 216.24.57.7 via Namecheap; SSL issued by Google Trust Services; currently absent from Google Safe Browsing and most public blocklists. Registrar data shows privacy protection enabled, masking registrant details. The drainer payload is served via inline JavaScript (seed 67bb69) and attempts to intercept wallet signatures via EIP-712 or similar typed message flows, draining balances without user confirmation once approved.


This domain remains active as of 2024-09-05. PhishDestroy has flagged and shared IOCs with threat intel partners and registrars. Users are urged to block lilpepe.app locally and via DNS filtering. Remaining risk is elevated due to ongoing hosting stability, SSL legitimacy, and targeted memecoin audience. Users interacting with Pepe-themed crypto sites should verify legitimacy via PhishDestroy before connecting wallets or signing transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 216.24.57.7

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f4cdf37d-2ec4-43e1-89a9-0c62c9374be9
- PhishDestroy: https://phishdestroy.io/domain/www.lilpepe.app/
- LLM endpoint: https://phishdestroy.io/domain/www.lilpepe.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/www.lilpepe.app/
Last updated: 2026-03-22