# krab3-cc.ru — MALICIOUS

> Krab3-cc.ru poses a high risk by impersonating Kraken. Active and flagged on blocklists. Stay safe and avoid this domain now.

## Summary
PhishDestroy identifies krab3-cc.ru as a high-risk brand impersonation threat targeting Kraken. This domain engages users by mimicking official Kraken branding to deceive victims.

The domain was created recently on February 21, 2026, and resolves to IP 188.114.96.3. It appears on two security blocklists and is flagged by 14 out of 95 VirusTotal security vendors, confirming its malicious intent.

Users and organizations should block access to krab3-cc.ru and monitor for phishing attempts. The domain remains active, requiring ongoing vigilance to prevent credential theft and fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Kraken
- Page title: Kraken новое официальное зеркало krab1 cc и krab1 at

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "SOCRadar", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b3ad3-b42c-756c-94a2-e76bb936da09.png
- PhishDestroy: https://phishdestroy.io/domain/krab3-cc.ru/
- LLM endpoint: https://phishdestroy.io/domain/krab3-cc.ru/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krab3-cc.ru/
Last updated: 2026-03-19