SafeMode - Analysis: zackonbags.fun

Captura Visual

Informações de Detecção

http://zackonbags.fun

Detected Brand

ZACK

Country

International

Confiança

100%

HTTP Status

200

Report ID

c6b78cf3-c4e…

Analyzed

2026-01-26 01:33

Final URL (after redirects)

https://zackonbags.fun/

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1F6C296B02264103BA11B96DB6F26277936FBB1FDD8BB1154D7FD0A90ABE5C88F813045
CONTENT ssdeep	384:HWtqY+SAakFsiyteAG4UOOeAG4UOJWAU74CyZwQwq/V7/2o1RYXFFFCY01aVGux3:oAa4sko/y2Qwc7/2eRYXd0TYwKyhh0

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	92922d6de99296e3
VISUAL aHash	03646c6c4000407e
VISUAL dHash	968dcd8d926cd4d4
VISUAL wHash	4f447c7e60007e7e
VISUAL colorHash	38407000000
VISUAL cropResistant	e8d8b2eccda2e6e8,968dcd8d926cd4d4

Análise de Código

Risk Score 88/100

Nível de Ameaça ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Golpe de phishing de criptomoedas
• Alvo: Entusiastas e investidores de criptomoedas
• Método: Promoção falsa de airdrop para roubar dados de usuário
• Exfil: Possível exfiltração de dados através de scripts ofuscados
• Indicadores: Domínio não coincidente, táticas de urgência, domínio recente
• Risco: ALTO - Possibilidade de roubo de dados e perda financeira

🔒 Obfuscation Detected

atob
base64_strings

📡 API Calls Detected

https://lite-api.jup.ag/tokens/v2/search?query=
POST

📊 Detalhamento da Pontuação de Risco

Total Risk Score

100/100

Contributing Factors

Active Phishing Kit

Detected Credential Harvester, OTP Stealer, and Banking kits with real-time interception capabilities.

High Obfuscation

21 obfuscation techniques detected, indicating deliberate evasion of analysis and detection.

Crypto Reward Scam

Explicit use of 'free crypto rewards' as a lure to trick victims into connecting wallets.

Urgency Tactics

Use of 'Hurry up!' to pressure victims into immediate action without scrutiny.

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Banking Credential Harvester

Alvo

ZACK users (International)

Método de Ataque

Brand impersonation + obfuscated JavaScript

Canal de Exfiltração

Unknown

Avaliação de Risco

CRITICAL - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
21 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand

ZACK

Official Website

https://www.zack.com

Fake Service

Free crypto rewards

Fraudulent Claims

⚔️ Metodologia de Ataque

Primary Method: CRYPTO Wallet Connection

The phishing site prompts users to connect their cryptocurrency wallets (e.g., MetaMask, Phantom) using buttons labeled 'Connect Wallet'. Once connected, the site likely requests token approvals or private key access to drain funds.

Secondary Method: Credential Harvesting

While no forms are visible, the presence of a Credential Harvester kit suggests hidden or dynamically loaded fields to capture login credentials or OTPs for account takeover.