# klonoa.network — SUSPICIOUS > PhishDestroy identifies klonoa.network as a crypto drainer site with 0/95 VirusTotal detections; avoid all login attempts and verify safety before access. ## Summary PhishDestroy identifies klonoa.network as an active crypto drainer domain designed to impersonate legitimate login portals and steal cryptocurrency assets. The site was registered on June 30, 2020 through NameCheap, Inc., and currently resolves to IP address 188.114.96.3. It uses a Google Trust Services SSL certificate to appear legitimate, but remains undetected by VirusTotal with 0 out of 95 security engines flagging it as malicious. Given the domain's age and lack of detection, it suggests a stealthy operation likely targeting users through social engineering or fake investment schemes. Technical analysis reveals that klonoa.network exhibits characteristics consistent with cryptocurrency drainer toolkits, which silently replace wallet addresses during transaction initiation and divert funds to attacker-controlled wallets. The domain is categorized under generic_phishing with a status of active and risk level under investigation, indicating ongoing threat assessment. Despite zero detections on VirusTotal, the combination of a newly issued SSL certificate, obscure domain age, and hosting on a bulletproof infrastructure suggests this is a sophisticated and evolving threat. Users who have visited klonoa.network or entered wallet credentials should immediately disconnect their devices from the internet, revoke any connected session permissions on their wallets, and transfer remaining funds to a new, isolated wallet. Enable hardware wallet authentication and review transaction logs for unauthorized transfers. Report the domain to PhishDestroy for takedown and consider running a full malware scan using reputable antivirus software. Always verify URLs via PhishDestroy before entering sensitive information to prevent future compromise. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2020-06-30 23:59:45 - Registrar: NameCheap, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e4ac3a75-926c-45c6-8415-73431ff2601c - PhishDestroy: https://phishdestroy.io/domain/klonoa.network/ - LLM endpoint: https://phishdestroy.io/domain/klonoa.network/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/klonoa.network/ Last updated: 2026-03-23