# krab2-cc-onion.ru — SUSPICIOUS

> krab2-cc-onion.ru is flagged for credential theft with 1/95 VirusTotal detections. Elevated risk; avoid sharing login info on this domain.

## Summary
PhishDestroy identifies krab2-cc-onion.ru as an active threat with an elevated risk level, specifically engaged in credential theft. This domain attempts to deceive users into revealing sensitive login information, posing a significant security concern for individuals and organizations.

The domain krab2-cc-onion.ru was registered on December 19, 2025, through the RU-CENTER-RU registrar and resolves to the IP address 188.114.96.3. VirusTotal flags it with 1 out of 95 security vendors detecting malicious behavior. Though it uses a Google Trust Services SSL certificate, which may give a false sense of legitimacy, the domain remains actively dangerous. It is currently not widely blocklisted but should be treated with caution given its recent creation and elevated threat status.

To mitigate risks associated with credential theft from krab2-cc-onion.ru, users should avoid entering any personal or login credentials on this site. Security teams are advised to block this domain at the network level and educate users about the risks of credential phishing scams. Using multi-factor authentication and monitoring for anomalous login attempts can further reduce potential damage from credential compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-19 10:37:22
- Registrar: RU-CENTER-RU
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b68f649b-2f13-496a-84e5-68817dfe3777
- PhishDestroy: https://phishdestroy.io/domain/krab2-cc-onion.ru/
- LLM endpoint: https://phishdestroy.io/domain/krab2-cc-onion.ru/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krab2-cc-onion.ru/
Last updated: 2026-03-28