# kra340.cc — MALICIOUS

> kra340.cc is a live credential theft domain flagged by 5/95 VirusTotal scanners. Avoid interactions to prevent crypto wallet draining. Block immediately.

## Summary
PhishDestroy identifies kra340.cc as an active crypto drainer domain designed to harvest wallet credentials and siphon digital assets. This domain mimics legitimate cryptocurrency platforms to trick users into connecting compromised wallets, where malicious scripts execute unauthorized transactions. The infrastructure is deliberately engineered to extract private keys, seed phrases, or authentication tokens under the guise of routine verification processes.  This domain was flagged by 5 out of 95 VirusTotal security vendors within hours of registration. It was created on June 21, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolves to IP address 185.114.97.3. Despite using a Google Trust Services SSL certificate, the domain’s recent origin and low blocklist penetration indicate a rapidly evolving threat vector still gaining detection coverage.  If you visited or interacted with kra340.cc, immediately disconnect your wallet from any suspicious sites, revoke any connected permissions via your wallet’s settings, and transfer remaining funds to a newly generated wallet. Do not reuse passwords or seed phrases across platforms. Report the domain to your antivirus provider and consider blocking 185.114.97.3 at the network level. Monitor transaction histories for unauthorized activity and enable multi-factor authentication on all crypto-related accounts.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-06-21 07:47:41
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a1a9b51e-30e0-400e-87f4-0314e0341105
- PhishDestroy: https://phishdestroy.io/domain/kra340.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra340.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra340.cc/
Last updated: 2026-03-26