# app-gitkraken-bkf.pages.dev — MALICIOUS

> Domain app-gitkraken-bkf.pages.dev mimics Kraken brand, distributing a drainer kit. Blocked by MetaMask and detected by 8/95 VirusTotal scanners.

## Summary
PhishDestroy identifies the domain app-gitkraken-bkf.pages.dev as an active brand impersonation threat targeting Kraken users. The site employs a drainer kit disguised as a GitKraken integration, attempting to harvest credentials and cryptocurrency wallet data. Threat actors are leveraging Cloudflare Pages to host deceptive content, blending legitimate infrastructure with malicious intent to evade detection.    This domain was flagged by 8 out of 95 VirusTotal security vendors, resolving to IP 172.66.46.235 via Cloudflare, Inc. registration. The SSL certificate issued by Google Trust Services adds a veneer of legitimacy, while the domain’s presence on 1 security blocklist underscores its malicious reputation. Technical indicators reveal a recently registered domain likely deployed to exploit users searching for Kraken or GitKraken tools.    The threat remains active with MetaMask actively blocking access. Users should avoid interacting with this domain and verify Kraken-related downloads exclusively through official channels. While Cloudflare’s infrastructure hinders takedown efforts, the domain’s elevated risk profile and blocklist presence necessitate heightened vigilance from both users and security teams. Remaining risk persists due to the domain’s continued operation and potential for rapid infrastructure changes.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.235

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9c172058-847b-448a-a8e4-85da3821c461
- PhishDestroy: https://phishdestroy.io/domain/app-gitkraken-bkf.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/app-gitkraken-bkf.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-gitkraken-bkf.pages.dev/
Last updated: 2026-03-22