# kra-2025.cc — MALICIOUS

> kra-2025.cc is a fake giveaway scam domain flagged by 18 of 95 VirusTotal vendors. Check the full report for detailed threat analysis.

## Summary
PhishDestroy identifies kra-2025.cc as an active fake giveaway scam domain currently propagating deceptive prize notifications for 2025 events.

This domain was flagged by 18 of 95 VirusTotal security vendors, indicating significant malicious activity. Registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on May 28, 2025, it resolves to IP 188.114.96.3 and operates under a Google Trust Services SSL certificate to enhance credibility. The combination of recent creation, low detection coverage against 95 vendors, and active hosting infrastructure suggests this domain is part of a rapidly evolving phishing campaign targeting event-related fraud.

With an elevated risk level and confirmed malicious status, kra-2025.cc represents a tangible threat to users expecting legitimate 2025 event communications. Security teams should immediately block this domain at network and DNS levels using IOCs including the IP address 188.114.96.3 and domain kra-2025.cc. Users should be warned against engaging with any prize notifications referencing this domain or related impersonation themes. Continuous monitoring of newly registered domains containing '2025' or 'kra' is recommended to detect similar campaigns early. Organizations are advised to update email filtering rules and endpoint protection signatures to include this IOC while educating users on identifying fake giveaway scams involving 2025 events.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-05-28 16:33:49
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/954aa1d3-e29b-412d-a0a5-c290598b6eff
- PhishDestroy: https://phishdestroy.io/domain/kra-2025.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-2025.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-2025.cc/
Last updated: 2026-03-26