# kra34c.cc — MALICIOUS

> kra34c.cc is a crypto drainer domain with 12/95 VirusTotal detections. Created March 14, 2025, it pushes fake wallets to steal crypto assets.

## Summary
kra34c.cc is a crypto drainer site designed to trick users into connecting crypto wallets and signing malicious transactions that drain funds. When visited, the page loads a fake wallet interface that prompts users to connect their wallet or sign a transaction. Any approval or signature grants the attacker permission to transfer tokens and NFTs directly from the victim’s wallet without further interaction. This domain is part of a growing trend where attackers create realistic wallet interfaces to exploit users who may not verify transaction details carefully.  PhishDestroy identifies this domain as a high-risk crypto drainer based on multiple indicators. The domain kra34c.cc was created on March 14, 2025, just days ago, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar often associated with disposable or low-cost domain registrations favored by attackers. Security vendor analysis via VirusTotal shows that 12 out of 95 detection engines flag this domain for malicious activity, indicating strong but not universal consensus on its threat level. The site resolves to IP address 58.64.137.69, which has been linked to previous crypto drainer campaigns.  If you visited kra34c.cc, do not connect your wallet or approve any transactions. Disconnect your wallet immediately if you already connected it, and revoke any malicious permissions through your wallet’s app or block explorer. If you signed a transaction, monitor your wallet for unauthorized transfers. Consider moving remaining funds to a new wallet with a different seed phrase. Report the domain to your antivirus provider or browser safety tools, and avoid similar-looking URLs in the future. Stay cautious when prompted to connect wallets on unfamiliar sites.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: kra34c.cc

## Domain Intelligence
- Registered: 2025-03-14 11:24:46
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 58.64.137.69

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/52037cc7-02b9-4cd4-a8ff-2cbf41e4a659
- PhishDestroy: https://phishdestroy.io/domain/kra34c.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra34c.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra34c.cc/
Last updated: 2026-03-28