# kra-41at.com — MALICIOUS

> PhishDestroy identifies kra-41at.com as a crypto drainer scam site. VirusTotal flags 6/95 vendors. Verify before connecting wallet.

## Summary
PhishDestroy classifies kra-41at.com as an active crypto drainer scam domain with an elevated risk level. This site mimics legitimate services to trick users into connecting cryptocurrency wallets, enabling unauthorized fund transfers.  

This domain was flagged by 6 out of 95 VirusTotal security vendors, indicating widespread suspicion. It resolves to IP 104.21.6.95 and uses a Google Trust Services SSL certificate, which may falsely imply legitimacy. Registered on February 8, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, the domain is newly active and lacks established trust. The low detection count suggests it may be recently deployed or employing evasion tactics.  

Crypto drainers like kra-41at.com exploit wallet connection prompts to drain assets. Users should avoid clicking links or connecting wallets to this site. Verify domains via trusted sources before interaction. Report suspicious activity to cybersecurity platforms. Use hardware wallets for critical transactions to mitigate risk.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-02-08 00:20:41
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.6.95

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/bdcd36f5-5c7a-482c-bccf-52d03875f660
- PhishDestroy: https://phishdestroy.io/domain/kra-41at.com/
- LLM endpoint: https://phishdestroy.io/domain/kra-41at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-41at.com/
Last updated: 2026-03-27