# kra-b1.cc — MALICIOUS

> PhishDestroy issues crypto-drainer alert on kra-b1.cc (6/95 VirusTotal detections). Verify every link before you click—your tokens depend on it.

## Summary
PhishDestroy has elevated kra-b1.cc to an active crypto-drainer domain, posing an immediate risk to cryptocurrency holders who interact with it.

This domain was flagged by PhishDestroy with an elevated risk rating based on multiple threat-intelligence feeds. VirusTotal reports that 6 out of 95 participating security vendors currently detect kra-b1.cc as malicious. The domain resolves to IP address 188.114.97.3 and was created on December 12, 2025. Registration was handled via NICENIC INTERNATIONAL GROUP CO., LIMITED, and the site currently presents a Google Trust Services SSL certificate to appear legitimate. Despite the certificate, the domain’s fresh creation date and low detection ratio indicate it is actively being weaponized within hours of going live, increasing the likelihood of successful compromise.

Mitigation for this specific crypto-drainer threat requires immediate action. Users must never paste wallet credentials or authorize transactions on any site linked from kra-b1.cc or its subdomains. Enable hardware wallet signing for every transaction and verify the receiving address on a clean, offline device before approval. Bookmark your genuine wallet URLs and treat unexpected links—even those appearing to originate from trusted contacts—as untrusted until independently verified. Report any interaction with kra-b1.cc to your wallet provider and PhishDestroy for rapid takedown and community alerting.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: Krab1.cc

## Domain Intelligence
- Registered: 2025-12-12 04:50:13
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/56630cfd-7546-4a95-bc64-0ae8c068ad00
- PhishDestroy: https://phishdestroy.io/domain/kra-b1.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-b1.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-b1.cc/
Last updated: 2026-03-28