# kra13at.cc — MALICIOUS

> PhishDestroy identifies kra13at.cc as a crypto drainer with 15/95 VirusTotal flags. SSL cert from Google Trust Services lends false legitimacy.

## Summary
PhishDestroy has flagged kra13at.cc as an active crypto drainer domain with an elevated risk level, indicating a high probability of malicious intent targeting cryptocurrency users. The domain is designed to deceive visitors into connecting wallets or transferring assets to attacker-controlled addresses under the pretense of legitimate services. This assessment is supported by multiple security vendors and blocklists, confirming the domain’s involvement in financial fraud campaigns.  This domain was flagged by 15 out of 95 VirusTotal security vendors, a significant indicator of its malicious nature. It resolves to the IP address 104.21.35.144 and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on October 09, 2024. The domain appears on 1 security blocklist and holds an SSL certificate issued by Google Trust Services, which may be used to create a false sense of trustworthiness among potential victims. The combination of high VirusTotal flags, recent registration date, and association with a known cryptocurrency-focused threat underscores the urgency of avoiding any interaction with this domain.  To mitigate risks associated with crypto drainer domains like kra13at.cc, users must exercise extreme caution when visiting unfamiliar websites, particularly those promoting cryptocurrency services or airdrops. Always verify the legitimacy of a domain by cross-checking it against known blocklists and checking for HTTPS with a valid certificate from a trusted provider. Never connect your wallet or enter private keys on unsolicited links. Use hardware wallets for transactions and enable multi-factor authentication where possible. Report suspicious domains to your cybersecurity team or platform provider immediately to prevent further exploitation.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-10-09 20:07:08
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.35.144

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/bbc6cc46-b3b3-4ea4-8947-0f24252e2594
- PhishDestroy: https://phishdestroy.io/domain/kra13at.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra13at.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra13at.cc/
Last updated: 2026-03-26