# kra28atcc.com — MALICIOUS > kra28atcc.com is a crypto drainer site (7/95 VT detections) impersonating Kraken. Verify legitimacy on PhishDestroy before entering any data. ## Summary PhishDestroy identifies kra28atcc.com as an active crypto drainer posing as a legitimate cryptocurrency exchange site. This domain is designed to trick users into connecting their crypto wallets under the false pretense of trading or authentication. Once connected, malicious smart contracts silently drain tokens from victim wallets, often resulting in irreversible financial losses. The site employs deceptive branding and urgent language to pressure users into quick, uninformed actions. Security researchers have observed this domain being promoted through fake investment offers, phishing emails, and social media ads targeting cryptocurrency users. This domain was flagged by 7 out of 95 security vendors on VirusTotal, indicating widespread suspicion of malicious activity. kra28atcc.com was registered on February 14, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar often associated with high-risk or short-lived domains. The site holds a valid SSL certificate issued by Google Trust Services, which can mislead users into believing the site is trustworthy despite its malicious intent. The IP address 104.21.13.48 has been linked to other known crypto drainer campaigns, further increasing concern about this domain's legitimacy. If you visited kra28atcc.com, immediately disconnect your wallet and revoke any permissions you may have granted. Use a reputable blockchain explorer or wallet tool to check for unauthorized transactions. Do not interact with any prompts or pop-ups on the site, as these may contain malicious scripts. Report the domain to PhishDestroy and consider running a full malware scan on your device. Avoid entering any private keys, seed phrases, or wallet passwords on any site that prompts for such information unexpectedly. Always verify the official domain of cryptocurrency services by cross-referencing multiple trusted sources before taking any action. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-02-14 19:37:34 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 104.21.13.48 ## Detection Status - VirusTotal: 7 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b58f5665-8a85-4ae1-8d44-6807575b525d - PhishDestroy: https://phishdestroy.io/domain/kra28atcc.com/ - LLM endpoint: https://phishdestroy.io/domain/kra28atcc.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kra28atcc.com/ Last updated: 2026-03-27