# kra--33----cc.sbs — MALICIOUS

> kra--33----cc.sbs is a confirmed Kraken impersonation phishing site, flagged by 6 of 95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies the domain kra--33----cc.sbs as an active phishing page impersonating the cryptocurrency exchange Kraken. The threat is classified as a credential harvesting campaign designed to steal user login credentials and financial data. This domain is currently operational and remains unblocked by multiple security vendors, posing an elevated risk to potential victims.


This domain was flagged by 6 of 95 VirusTotal vendors, indicating partial detection across security solutions. It is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP address 193.105.134.24, and was created on June 27, 2025. The domain exhibits low trust scores due to its recent creation and lack of legitimate infrastructure. As of the latest scan, no major blocklists include this domain, increasing the window of opportunity for threat actors to exploit unsuspecting users.


The domain kra--33----cc.sbs remains active and should be considered dangerous. Users are advised to avoid accessing this domain and report it to their security teams or relevant authorities. Organizations should implement network-level blocking for this domain and IP address to prevent accidental exposure. Security teams are encouraged to monitor for related domains using the seed identifier 0d8e55 and update threat intelligence feeds accordingly. Immediate action is recommended to mitigate the risk of credential theft and financial fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: kra--33----cc.sbs

## Domain Intelligence
- Registered: 2025-06-27 11:08:20
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 193.105.134.24

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/179036fb-453a-4e1c-be33-59d2ff54c59c
- PhishDestroy: https://phishdestroy.io/domain/kra--33----cc.sbs/
- LLM endpoint: https://phishdestroy.io/domain/kra--33----cc.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra--33----cc.sbs/
Last updated: 2026-03-29