Home
PhishDestroy - We Act Before Victims Appear
• Twitter
Our Story - From Steam Scammers to Global ProtectionWe started as volunteers fighting Steam scammers and spammy ads. What began as a small mission grew into something much bigger.
From simple scam reporting to sophisticated threat intelligence. We gained unprecedented access to scammer infrastructure - not as employees, but through security research. Root-level access to drainer panels, phishing kits, and operator infrastructure.
2023-2024: Scale & Impact- 500,000+ phishing domains neutralized
- 25+ full network takedowns
- 15+ threat actor cells mapped
- 50+ crypto-drainer kits destroyed
Operating 24/7 with automated systems, partner networks, and community power. We don't wait for victims - we act so there are no victims at all.
Available Blocklists
Main Lists (Real-time Updates)| List | Domains | Format | Download |
|---|---|---|---|
| Core Database | 40,000+ | JSON | |
| Plain Text | 40,000+ | TXT |
Community Aggregated (Hourly Updates)| Feed | Sources | Domains | Download |
|---|---|---|---|
| Community Blocklist | MetaMask, PhishTank, OpenPhish + 47 more | 100,000+ | |
| Live Verified | DNS-checked active threats | 35,000+ |
How We Hunt
Detection Methods🎯 Paid Ads Monitoring → Google, Meta, X networks
💬 Social Media Scanning → Telegram, Discord, Twitter
📧 Email Campaign Tracking → Phishing newsletters
🌐 DNS Monitoring → New domain registrations
🔒 SSL Certificate Watch → Certificate transparency logs
🤖 Community Reports → @PhishDestroy_bot
- Domain Registrars - Immediate suspension (24h ICANN requirement)
- Hosting Providers - Content removal within hours
- Security Vendors - 50+ blocklist integrations
- Wallet Providers - User warnings for crypto threats
Evidence PreservationEvery site archived with:
- JavaScript encryption keys
- Operator IDs and C2 panels
- Infrastructure mapping
- On-chain transaction tracking
- Complete evidence packages for law enforcement
Integration Guides# Add PhishDestroy to your blocklists
sudo pihole -a adlist add https://raw.githubusercontent.com/phishdestroy/destroylist/main/list.txt
sudo pihole -g- Settings → DNS blocklists → Add custom list
- URL:
https://raw.githubusercontent.com/phishdestroy/destroylist/main/list.txt - Name:
PhishDestroy
- Settings → Filter lists → Import
- Add:
https://raw.githubusercontent.com/phishdestroy/destroylist/main/list.txt
import requests
import json
# Download our blocklist
response = requests.get('https://raw.githubusercontent.com/phishdestroy/destroylist/main/list.json')
phishing_domains = set(response.json())
def is_phishing(domain):
"""Check if domain is in PhishDestroy database"""
if domain in phishing_domains:
return True
# Check subdomains
parts = domain.split('.')
for i in range(1, len(parts)):
if '.'.join(parts[i:]) in phishing_domains:
return True
return False
# Example usage
if is_phishing("scam-site.com"):
print("⚠️ PHISHING DETECTED - BLOCKED BY PHISHDESTROY")
Impact Statistics
Achievements| Metric | Count | Impact |
|---|---|---|
| Domains Neutralized | 500,000+ | Millions protected |
| Active Monitoring | 40,000/day | Real-time protection |
| Network Takedowns | 25+ | Major operations disrupted |
| Threat Actors Mapped | 15+ cells | Criminal networks exposed |
| Drainer Kits Killed | 50+ | Crypto theft prevented |
| False Positive Rate | <0.1% | Accuracy guaranteed |
Growth Timeline2019: 5,000 domains ▓░░░░░░░░░
2020: 18,000 domains ▓▓▓░░░░░░░
2021: 75,000 domains ▓▓▓▓▓░░░░░
2022: 150,000 domains ▓▓▓▓▓▓▓░░░
2023: 300,000 domains ▓▓▓▓▓▓▓▓░░
2024: 450,000 domains ▓▓▓▓▓▓▓▓▓░
2025: 500,000+ domains ▓▓▓▓▓▓▓▓▓▓
Report Phishing
Fastest Method - Telegram BotSend domain to @PhishDestroy_bot
There’s a ranking and damage tracking system.
When you reach 100 points, you unlock auto-approval for domains and access to the Batch Report feature.
The bot also includes a scammer damage tracking system that calculates the total impact of your reports — showing how much damage you’ve dealt to scam networks based on verified domain takedowns.
Scoring rules:
+1 point for each correctly reported scam domain
–2 points for each incorrect domain report
If you have Trusted status and make a False Positive report, your points are fully reset to zero as a penalty.
What We Need- Domain/URL - The phishing site or scam
Response Time- Bot acknowledgment: Instant
- Initial scan: 2-5 minutes
- Verification: 10-15 minutes
- Global blocking: <1 hour
False Positive? 
- Visit phishdestroy.io/appeals
- Provide:
- Your domain
- Business explanation
- Review time: 24-48 hours
- Cost: FREE (we never charge)
For Scammers Reading ThisKeep reporting each other. It helps us cluster your networks faster.
In 5/5 CIS groups analyzed:
- Revenue filters skim your funds upstream
- You see <5% of total take
- You are disposable to your operators
- Your "partners" are your biggest threat
name: Update PhishDestroy Blocklist
on:
schedule:
- cron: '0 */6 * * *' # Every 6 hours
workflow_dispatch:
jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Download PhishDestroy list
run: |
wget -O phishing.json https://raw.githubusercontent.com/phishdestroy/destroylist/main/list.json
echo " Downloaded $(jq '. | length' phishing.json) domains"
- name: Update protection
run: |
# Your integration logic here
echo "Protection updated!"| Project | Description | Link |
|---|---|---|
| ScamIntelLogs | Telegram scammer chat archives | GitHub |
| Twitter Archive | 138K phishing reports from @CarlyGriggs13 | GitHub |
| Medium Archive | Phishing cleanup on Medium platform | Archive |
- Report domains → @PhishDestroy_bot
- Share our lists → Protect your community
- Integrate blocklists → In your tools
- Follow updates → @destroy_phish
- Spread awareness → Share with others
MIT License - Free, open, yours to hack!
"We act so there are no victims at all."
PhishDestroy Team • Operating Since 2019 • Independent • Public • Non-commercial
Together We Make the Internet Safer