# kra22at.com — MALICIOUS

> kra22at.com is a crypto drainer impersonating Kraken. VirusTotal flags 5/95 vendors. Verify safety on PhishDestroy before entering credentials.

## Summary
PhishDestroy identifies kra22at.com as an active phishing domain posing as a fake login portal to steal cryptocurrency credentials. This domain was flagged by 5 out of 95 security vendors on VirusTotal, indicating elevated risk and widespread detection.  This domain was registered on August 16, 2024, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolves to IP 188.114.97.3. The SSL certificate, issued by Google Trust Services, adds a false sense of legitimacy, making it harder for users to spot the deception. Despite this, the domain remains on numerous security blocklists, reflecting its malicious nature.  If you visited kra22at.com, avoid entering any credentials or personal information immediately. Disconnect from the site, clear your browser cache, and run a malware scan. Report the domain to PhishDestroy and your antivirus provider to help block its spread. Always verify URLs through trusted sources before interacting with login pages.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-08-16 07:44:45
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5b6a61da-c5c3-4d82-bbef-b62a6922b464
- PhishDestroy: https://phishdestroy.io/domain/kra22at.com/
- LLM endpoint: https://phishdestroy.io/domain/kra22at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra22at.com/
Last updated: 2026-03-27