# kra-45-cc.cc — MALICIOUS

> The domain kra-45-cc.cc is a crypto wallet phishing site flagged by 14/95 VirusTotal vendors. It mimics legitimate crypto services to steal user credentials.

## Summary
PhishDestroy identifies kra-45-cc.cc as an active malicious domain posing as a cryptocurrency wallet service, deployed explicitly for credential theft and financial fraud. This domain operates with an elevated risk profile and exhibits multiple indicators of compromise, including widespread detection by security vendors and inclusion on major blocklists. Users interacting with this domain risk exposing wallet recovery phrases, private keys, or login credentials to threat actors.  

This domain was flagged by 14 out of 95 VirusTotal security vendors, indicating significant but not universal detection. It is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolving to IP address 185.226.92.168. The SSL certificate is issued by Let's Encrypt, which does not inherently indicate legitimacy. kra-45-cc.cc first appeared on two security blocklists, including MetaMask and SEAL, and was created on October 12, 2025. These factors collectively suggest a recently deployed, opportunistic phishing campaign targeting cryptocurrency users under the guise of wallet authentication or service access.  

To mitigate risk, users should immediately cease any interaction with kra-45-cc.cc and verify all wallet access points through official URLs only. Enable two-factor authentication and hardware wallet signing where possible. Report this domain to your browser’s blocklist, security extensions (e.g., MetaMask Phishing Detection), and relevant authorities such as Google Safe Browsing or PhishTank. Never enter wallet recovery phrases or private keys into unverified web interfaces. If compromised, revoke exposed credentials via your wallet’s official recovery tools and transfer assets to a new, secure wallet. Always cross-check domain spellings and use bookmarked links for critical services.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-12 14:49:17
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 185.226.92.168

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c6ef4e33-207f-4dde-b7b9-ad0dfe306e6a
- PhishDestroy: https://phishdestroy.io/domain/kra-45-cc.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-45-cc.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-45-cc.cc/
Last updated: 2026-03-28