# kra-32.cc — MALICIOUS

> kra-32.cc identified as a generic phishing crypto drainer with 10/95 VirusTotal detections. Domain mimics Kraken Exchange to steal cryptocurrency.

## Summary
PhishDestroy identifies kra-32.cc as an **elevated-risk crypto drainer** impersonating Kraken Exchange, actively harvesting wallet credentials and assets.

This domain was flagged with a 10/95 detection rate on VirusTotal, resolving to IP 45.130.151.196 via a Let’s Encrypt SSL certificate. Registered through Gname 331 Inc on January 21, 2026, it shows early-stage abuse potential with minimal reputation history. The low trust score correlates with its primary function: deceiving users into connecting crypto wallets under fraudulent pretexts.

Immediate mitigation includes blocking the domain kra-32.cc, removing any associated IP 45.130.151.196, and revoking the Let’s Encrypt SSL certificate. Users must verify Kraken domains via official channels and avoid wallet connections to untrusted sites. Security teams should monitor for this pattern as similar domains may emerge under the same registrar.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-21 09:05:50
- Registrar: Gname 331 Inc
- IP: 45.130.151.196

## Detection Status
- VirusTotal: 10 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1433267d-bb8b-4bb5-baf2-1226dd5f8f93
- PhishDestroy: https://phishdestroy.io/domain/kra-32.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-32.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-32.cc/
Last updated: 2026-03-28