# kra10.vip — MALICIOUS

> Site kra10.vip is a live crypto drainer mimicking Kraken; 14/95 VirusTotal flags, created Nov 20 2025. Verify before you click – use PhishDestroy.

## Summary
PhishDestroy identifies kra10.vip as an active crypto-draining phishing page posing as Kraken. Visitors who enter wallet credentials risk immediate token theft via malicious smart-contract approvals and hidden drainer scripts. The domain uses deceptive subdomains and typosquatting to impersonate the legitimate exchange, aiming to trick users into approving unauthorized transfers.

This domain was flagged by 14 of 95 VirusTotal security vendors and resolves to IP 86.54.25.38. It was registered on November 20, 2025 through NICENIC INTERNATIONAL GROUP CO., LIMITED, a known bulletproof domain registrar often abused for short-lived malicious domains. The page title “kra10.vip” mirrors Kraken branding with a numeric twist to evade brand filters. Its fresh creation date and low VT detection ratio indicate a rapidly evolving threat likely distributed via spam, social media ads, or impersonation DMs.

If you visited kra10.vip, immediately revoke any wallet approvals using tools like revoke.cash or your wallet’s built-in allowance manager. Do NOT connect your wallet or enter credentials. Scan your device with updated antivirus and check for unauthorized transfers. Report the domain to PhishDestroy and your wallet provider to help block further abuse. Always verify URLs via official Kraken channels before interacting.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: kra10.vip

## Domain Intelligence
- Registered: 2025-11-20 00:00:12
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 86.54.25.38

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1dcb5a0d-cd12-4fad-8b03-72a979c2b1f5
- PhishDestroy: https://phishdestroy.io/domain/kra10.vip/
- LLM endpoint: https://phishdestroy.io/domain/kra10.vip/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra10.vip/
Last updated: 2026-03-28