# at-krab4--cc.ru — SUSPICIOUS

> Site at-krab4--cc.ru poses as a fake crypto wallet login to steal funds. Detected 0/95 on VirusTotal. Verify and block this drainer via PhishDestroy.

## Summary
PhishDestroy identifies the domain at-krab4--cc.ru as a confirmed crypto drainer scam active since late January 2026. This malicious site mimics legitimate crypto wallet interfaces to trick users into connecting their wallets and approving draining transactions. The infrastructure shows signs of impersonation toolkits commonly used to harvest private keys and seed phrases, with no brand explicitly listed but targeting cryptocurrency users directly.  This domain was flagged with a clean VirusTotal score of 0/95 detections as of the latest scan, indicating stealth evasion tactics. It resolves to IP address 45.150.39.217, was registered through REGRU-RU on January 26, 2026, and secured with a Let's Encrypt SSL certificate to appear trustworthy. The domain remains unlisted on Google Safe Browsing and has not yet been added to major blocklists, giving it a low initial visibility footprint despite its malicious intent.  The site is currently active and under continued monitoring. Users are advised to avoid interaction and to report any encounters. While immediate detection is low, ongoing analysis may yield additional indicators. PhishDestroy recommends users verify unknown domains through its real-time scanning system before any wallet connection or login attempt to prevent fund loss.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-26 16:37:28
- Registrar: REGRU-RU
- IP: 45.150.39.217

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5383134b-a418-4982-a37b-d7e876cecc80
- PhishDestroy: https://phishdestroy.io/domain/at-krab4--cc.ru/
- LLM endpoint: https://phishdestroy.io/domain/at-krab4--cc.ru/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/at-krab4--cc.ru/
Last updated: 2026-03-28