# krab13cc.cc — MALICIOUS

> Beware: krab13cc.cc is a live crypto-drainer phishing site detected by 5/95 scanners. Avoid fake crypto wallets or seed-phrase thefts; verify domains on.

## Summary
PhishDestroy identifies krab13cc.cc as an active crypto-drainer phishing domain designed to steal cryptocurrency wallet credentials and drain assets. The page impersonates a fake wallet login portal and deploys a drainer kit to siphon funds from connected wallets without user confirmation. MetaMask has already blacklisted this domain, indicating recognized malicious intent targeting unsuspecting crypto users.  krab13cc.cc resolves to IP 188.114.97.3 and was registered on December 12, 2025 through NICENIC INTERNATIONAL GROUP CO., LIMITED using a Let’s Encrypt SSL certificate. VirusTotal analysis shows 5 out of 95 security vendors flagged the domain, and it appears on one public blocklist. The domain’s recent creation and low detection rate suggest an emergent threat actively leveraging fresh infrastructure to evade initial screening.  As of today, krab13cc.cc remains active and poses an elevated risk to users interacting with fake wallet interfaces or seeding phrases. PhishDestroy continues real-time monitoring, and the domain is under active takedown evaluation. Users are strongly advised to verify any crypto-related domains on PhishDestroy before entering credentials or connecting wallets, and to avoid interacting with unsolicited links claiming to offer crypto services.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-12 05:06:49
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ed44d988-9aa2-445b-a494-f2ce4fb25b6f
- PhishDestroy: https://phishdestroy.io/domain/krab13cc.cc/
- LLM endpoint: https://phishdestroy.io/domain/krab13cc.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krab13cc.cc/
Last updated: 2026-03-26