# kra-35at.com — MALICIOUS

> kra-35at.com is a generic phishing domain flagged by 5 of 95 VirusTotal vendors. Analysts identify this as a crypto drainer. Do NOT interact.

## Summary
PhishDestroy identifies kra-35at.com as an active crypto drainer domain impersonating Kraken cryptocurrency services.


This domain was registered on February 07, 2025, and resolves to IP 104.21.56.109. It was flagged by 5 of 95 VirusTotal vendors, acquired through NICENIC INTERNATIONAL GROUP CO., LIMITED, and secured by a Google Trust Services SSL certificate. The domain exhibits elevated risk indicators typical of crypto-draining operations, including recent creation and limited but notable detection coverage.


Current status remains active, with security vendors continuing to flag this domain. Given its crypto-draining nature, users should avoid any interaction with kra-35at.com. Block the domain and IP at network and endpoint levels. If encountered, report the domain to your security team and relevant crypto platforms immediately.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-02-07 23:40:12
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.56.109

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3fc50826-a989-488c-b7bd-f284b5c1fe73
- PhishDestroy: https://phishdestroy.io/domain/kra-35at.com/
- LLM endpoint: https://phishdestroy.io/domain/kra-35at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-35at.com/
Last updated: 2026-03-27