# kra28--cc.icu — MALICIOUS

> kra28--cc.icu is linked to credential phishing targeting user logins. VirusTotal flags 5/95 scanners. Check the full report.

## Summary
The domain kra28--cc.icu is identified as a source of credential harvesting attacks, posing a significant risk to users' personal information and account credentials. This type of phishing specifically aims to deceive individuals into submitting sensitive login details through fake interfaces or deceptive prompts. Users encountering this domain may be tricked into compromising their security credentials, leading to unauthorized access and potential identity theft.

Technical analysis reveals that kra28--cc.icu was registered recently on March 26, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, indicating a fresh creation likely intended for malicious purposes. The domain resolves to the IP address 188.114.96.3 and presents an SSL certificate issued by Google Trust Services, which may lend it a deceptive appearance of legitimacy. VirusTotal scanning shows that 5 out of 95 security vendors have flagged this domain, highlighting a non-negligible detection rate. These indicators, coupled with its presence on blocklists, confirm the elevated risk level this domain represents within the phishing threat landscape.

Users who believe they may have visited kra28--cc.icu or submitted any credentials through it should immediately change their passwords on affected accounts and enable multi-factor authentication where possible. It is also recommended to monitor financial statements and account activities closely for signs of unauthorized use. Organizations should consider blocking this domain at network boundaries and educate users about the risks associated with credential phishing. Staying vigilant and verifying URLs before entering sensitive information remain critical steps to prevent falling victim to such targeted scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-03-26 21:36:21
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a56d5b03-5a9f-4d96-9c8d-0247eec7442a
- PhishDestroy: https://phishdestroy.io/domain/kra28--cc.icu/
- LLM endpoint: https://phishdestroy.io/domain/kra28--cc.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra28--cc.icu/
Last updated: 2026-03-29