# kra34-at.cc — MALICIOUS

> PhishDestroy identifies kra34-at.cc as a crypto drainer mimicking Apple services. 9 out of 95 VirusTotal engines flag this domain created Nov 06 2024; avoid.

## Summary
PhishDestroy identifies kra34-at.cc as an active crypto drainer domain currently circulating in the wild. Users are urged to treat this domain as hostile due to its confirmed malicious payload designed to steal cryptocurrency assets from unwitting visitors.  kra34-at.cc was registered on November 06, 2024 through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to IP address 188.114.97.3. The domain hosts a malicious crypto drainer that has already triggered 9 out of 95 security vendors on VirusTotal, indicating widespread detection. Despite carrying a Google Trust Services SSL certificate, the domain is actively flagged and remains untrusted by reputable threat intelligence platforms. The combination of recent registration, high-risk threat type, and low trust scoring elevates the risk level to elevated, warranting immediate caution.  Mitigating exposure to this crypto drainer requires users to avoid clicking links or visiting kra34-at.cc entirely. If interaction is suspected, disconnect affected devices from the internet and revoke any authorized cryptocurrency wallet connections. Always verify unknown domains using PhishDestroy before entering credentials or performing transactions. Report confirmed encounters to help expand real-time threat intelligence and protect the broader community from financial loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-11-06 16:11:33
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e729cfbc-eb2a-4583-9499-0c1b14afb9b3
- PhishDestroy: https://phishdestroy.io/domain/kra34-at.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra34-at.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra34-at.cc/
Last updated: 2026-03-26