# at-kra28.cc — MALICIOUS

> PhishDestroy confirms at-kra28.cc is a fake login page. Created Jan 19, 2025, and flagged by 17/95 vendors on VT. Verify safety on PhishDestroy now.

## Summary
This website, at-kra28.cc, is confirmed to be a phishing site designed to steal login credentials. It presents a fake login page to deceive users into entering their usernames and passwords, which are then harvested by malicious actors. Exercise extreme caution if you encounter this site.  

PhishDestroy identified this domain as a threat. As of our analysis, VirusTotal reports that 17 out of 95 security vendors have flagged at-kra28.cc as malicious. The domain was created on January 19, 2025, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. The site resolves to the IP address 188.114.97.3 and has an SSL certificate issued by Google Trust Services. The domain appears on 1 security blocklist, further reinforcing its malicious nature.  

If you have visited at-kra28.cc and entered your login credentials, immediately change your password on the legitimate service. Also, enable two-factor authentication for added security. Monitor your account for any signs of unauthorized access or suspicious activity. Consider running a full system scan with a reputable antivirus program to detect and remove any potential malware that may have been installed. Be vigilant for any phishing emails or messages that may attempt to exploit the compromised credentials.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-01-19 20:41:36
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 17 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d25eafe8-6eb9-460a-a39a-682c2d9f0285
- PhishDestroy: https://phishdestroy.io/domain/at-kra28.cc/
- LLM endpoint: https://phishdestroy.io/domain/at-kra28.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/at-kra28.cc/
Last updated: 2026-03-26