# app.kucoin-ic.top — MALICIOUS

> Domain app.kucoin-ic.top flagged for brand impersonation targeting KuCoin. Detected by 11/95 VirusTotal vendors as a crypto drainer.

## Summary
PhishDestroy identifies domain app.kucoin-ic.top as an active brand impersonation threat impersonating the cryptocurrency exchange KuCoin. This domain poses an elevated risk due to its targeted deception aimed at tricking users into divulging credentials or transferring funds under false pretenses. The campaign relies on the trust associated with the KuCoin brand to lower victim vigilance, making it a credible threat to cryptocurrency users.  This domain was flagged by 11 out of 95 security vendors on VirusTotal, indicating a moderate detection rate but not universal coverage. The domain resolves to IP address 176.97.117.190 and was registered through Gname.com Pte. Ltd. on March 21, 2026. Despite its recent creation, it already utilizes a Let's Encrypt SSL certificate, which may help it evade basic security checks. The low VT detection rate combined with the use of a legitimate-looking domain structure suggests this campaign is designed to fly under the radar initially.  To mitigate exposure to this threat, organizations should immediately block the domain app.kucoin-ic.top and its associated IP address 176.97.117.190 at the network perimeter. Users should be warned against interacting with any unsolicited communications referencing KuCoin, especially those directing them to external domains. Additionally, enable multi-factor authentication for cryptocurrency exchange accounts and educate users on verifying domain authenticity through official KuCoin channels. Monitor internal DNS queries for any resolutions to this domain to identify potential compromise.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: KuCoin

## Domain Intelligence
- Registered: 2026-03-21 04:03:56
- Registrar: Gname.com Pte. Ltd.
- IP: 176.97.117.190

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c4fa4fcf-1baa-424e-971e-25363f54adf0
- PhishDestroy: https://phishdestroy.io/domain/app.kucoin-ic.top/
- LLM endpoint: https://phishdestroy.io/domain/app.kucoin-ic.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app.kucoin-ic.top/
Last updated: 2026-03-22