# co8f.cc — SUSPICIOUS

> co8f.cc is a confirmed Kraken impersonation site hosting a crypto drainer. VirusTotal flags 4/95 vendors.

## Summary
PhishDestroy identifies co8f.cc as an active crypto drainer impersonating the cryptocurrency exchange Kraken. This domain is engineered to deceive users into connecting crypto wallets or entering login credentials, with the malicious payload designed to siphon digital assets under the guise of a legitimate Kraken interface. The threat is categorized as a high-risk brand impersonation attack, leveraging visual and functional similarities to Kraken’s official platforms to maximize deception. Users interacting with this domain risk immediate financial loss, as crypto drainers automatically execute unauthorized transfers upon wallet connection or credential submission.  

This domain was flagged by PhishDestroy with multiple high-confidence indicators. Registered through Hefei Juming Network Technology Co., Ltd. on March 21, 2026, co8f.cc has been active for a minimal period, yet it has already been detected by 4 out of 95 security vendors on VirusTotal, indicating partial but incomplete detection coverage. The domain resolves to IP address 8.221.97.242 and is secured with a Let’s Encrypt SSL certificate, which does not validate its legitimacy. Additionally, co8f.cc appears on 2 security blocklists and is blocked by MetaMask and SEAL, further confirming its malicious nature. The page title explicitly mimics Kraken, reinforcing its use in phishing campaigns targeting cryptocurrency users.  

If you have visited co8f.cc, take immediate action to secure your assets. Disconnect any connected wallets using your wallet’s security settings or browser extension, and revoke any unauthorized permissions via tools such as Etherscan’s token approval checker or similar services for non-Ethereum chains. Do not enter any credentials or interact further with the site. Scan your device with reputable antivirus software to check for potential malware. For future protection, always verify domains against PhishDestroy’s database before entering sensitive information or connecting wallets. Report suspicious domains to PhishDestroy or your security provider to help protect the broader community from similar threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP ?)
- Target brand: Kraken
- Page title: kraken

## Domain Intelligence
- Registered: 2026-03-21 03:37:13
- Registrar: Hefei Juming Network Technology Co., Ltd.
- IP: 8.221.97.242

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2279d0bc-76f9-4125-ad18-bf3e3ef62e2e
- PhishDestroy: https://phishdestroy.io/domain/co8f.cc/
- LLM endpoint: https://phishdestroy.io/domain/co8f.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/co8f.cc/
Last updated: 2026-04-14