# kra33----at.sbs — MALICIOUS

> Beware: kra33----at.sbs is a crypto drainer domain flagged by 6 of 95 VirusTotal vendors. Do not engage—protect your digital assets immediately.

## Summary
PhishDestroy identifies the active crypto drainer domain kra33----at.sbs as a current and elevated threat to cryptocurrency users. This domain is designed to deceive visitors into unknowingly transferring digital assets to attacker-controlled wallets, posing significant financial risk. The threat remains active as of the latest intelligence, requiring immediate attention from security teams and cryptocurrency holders alike.    This domain was flagged by 6 of 95 VirusTotal vendors, indicating a high likelihood of malicious intent. It resolves to IP address 193.105.134.24 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. Registered on June 27, 2025, this domain is a recent addition to the threat landscape, leveraging newly created infrastructure to evade detection. With low trust scores and minimal historical reputation, kra33----at.sbs exhibits classic indicators of a crypto drainer operation, including deceptive naming conventions and rapid deployment to target unsuspecting victims.    Given the active status and specific threat posed by kra33----at.sbs, organizations and individuals must take immediate action to mitigate risk. Security teams should block this domain at the network and DNS levels, update firewall rules, and distribute threat intelligence to stakeholders. Cryptocurrency users should verify website authenticity through official channels, avoid clicking unsolicited links, and use hardware wallets or multi-signature solutions for enhanced security. Continuous monitoring of this domain and related infrastructure is strongly recommended to prevent financial loss and data compromise.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: kra33----at.sbs

## Domain Intelligence
- Registered: 2025-06-27 11:08:31
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 193.105.134.24

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/14cce1c2-6009-47e3-9217-4022e03890af
- PhishDestroy: https://phishdestroy.io/domain/kra33----at.sbs/
- LLM endpoint: https://phishdestroy.io/domain/kra33----at.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra33----at.sbs/
Last updated: 2026-03-29