# cronosnetwork.org — SUSPICIOUS > cronosnetwork.org is linked to credential theft with 0/95 VirusTotal detections. Domain created June 23, 2024. ## Summary The domain cronosnetwork.org is currently associated with a credential theft campaign targeting users through deceptive means. This threat involves tricking victims into submitting sensitive login information, potentially compromising personal accounts and access to financial or crypto-related services. The intent is to harvest credentials for unauthorized access and subsequent fraudulent use. Technical analysis shows that cronosnetwork.org resolves to IP address 172.67.140.111 and is registered via NICENIC INTERNATIONAL GROUP CO., LIMITED. The domain was created recently, on June 23, 2024, indicating it is new and possibly set up specifically for malicious purposes. Despite this, VirusTotal scanning yields 0 detections out of 95 antivirus engines, suggesting it remains under the radar of most security tools. The domain maintains an SSL certificate issued by Google Trust Services, which can lend it an appearance of legitimacy. Currently, the domain's risk level is under investigation, but it is actively engaged in credential theft tactics. Users who have visited cronosnetwork.org should refrain from entering any personal credentials or sensitive data. If any information was submitted, it is strongly recommended to immediately change passwords on affected accounts and enable two-factor authentication where available. Monitoring accounts for unusual activity and notifying relevant service providers of a potential compromise can mitigate damage. Avoid further contact with the domain to prevent exposure to ongoing phishing attempts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2024-06-23 16:10:33 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.140.111 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/1968e9e5-9a8f-481a-809d-349a7b2e0361 - PhishDestroy: https://phishdestroy.io/domain/cronosnetwork.org/ - LLM endpoint: https://phishdestroy.io/domain/cronosnetwork.org/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/cronosnetwork.org/ Last updated: 2026-03-27