# kaminoone.lol — SUSPICIOUS > kaminoone.lol impersonates Kamino in a brand impersonation phishing scam. Check the full report. ## Summary PhishDestroy identifies kaminoone.lol as an active brand impersonation phishing domain targeting Kamino users. The domain employs a deceptive naming strategy (kaminoone) to mimic the legitimate Kamino brand, suggesting an attempt to exploit user trust in cryptocurrency or financial platforms. No drainer kit artifacts were detected in available telemetry, but the site is likely configured to harvest credentials or cryptocurrency wallet details under the guise of a legitimate service. The infrastructure is provisioned with professional-grade obfuscation, including a recently issued Let's Encrypt SSL certificate, which may be used to bypass browser-based security warnings and lend false legitimacy to the fraudulent site. Technical indicators confirm this domain as a high-fidelity threat. VirusTotal shows 0/95 detections as of the latest scan, indicating it remains under the radar of most antivirus engines. The domain was registered through Global Domain Group LLC and resolves to IP 188.114.96.3. It was created on April 05, 2026 — an unusually recent registration that aligns with the onset of active phishing campaigns. The domain appears on 2 security blocklists and is already blocked by MetaMask and SEAL, signaling early detection by major security platforms. Despite these protections, the low blocklist coverage and zero detection rate highlight significant evasion capabilities. Current status: The domain is active and under investigation, with a low but evolving risk profile. Immediate containment has been applied by MetaMask and SEAL, but widespread exposure remains due to minimal third-party detection. Users are advised to avoid interaction and report any encounters. Remaining risk is moderate: while the site is not yet widely flagged, behavioral analysis suggests it is part of an emerging campaign targeting Kamino users. Security teams should monitor for associated wallet addresses, IPs, and certificate reuse patterns to preempt further abuse. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Kamino ## Domain Intelligence - Registered: 2026-04-05 17:14:55 - Registrar: Global Domain Group LLC - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["MetaMask", "SEAL"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/c72583a6-ab5c-423b-a380-e126b8dbc0fc - PhishDestroy: https://phishdestroy.io/domain/kaminoone.lol/ - LLM endpoint: https://phishdestroy.io/domain/kaminoone.lol/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kaminoone.lol/ Last updated: 2026-04-12