# help-krakenlogin.pages.dev — MALICIOUS

> PhishDestroy identifies help-krakenlogin.pages.dev as a high-risk credential phishing site. Learn about its status and threat details here.

## Summary
PhishDestroy identifies help-krakenlogin.pages.dev as a high-risk credential phishing domain targeting user credentials through deceptive tactics. The domain poses a significant threat to individuals and organizations due to its intent to harvest sensitive information.

This domain was created on February 21, 2026, and is registered via Cloudflare, Inc. It appears on multiple security blocklists and has been flagged by Google Safe Browsing for social engineering. VirusTotal assessments report detection by 14 out of 95 security vendors, reinforcing its malicious nature. The usage of Cloudflare as a registrar suggests attempts to mask hosting details and extend domain longevity for phishing campaigns.

Currently, help-krakenlogin.pages.dev has been taken offline, reducing immediate risk. However, vigilance remains crucial as similar domains may arise. Users should avoid interacting with suspicious Kraken login-related URLs and employ multi-factor authentication where possible. Organizations are advised to update their security filters to block this domain and monitor for related phishing attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Kraken
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.107
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ezra.ns.cloudflare.com", "hazel.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c7df1-e2e5-7622-b763-072a9bcd2071.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/0bed0e67-aa7d-4f06-9511-a90e15dea358
- PhishDestroy: https://phishdestroy.io/domain/help-krakenlogin.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/help-krakenlogin.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/help-krakenlogin.pages.dev/
Last updated: 2026-03-19