# kraken-16-at.net — MALICIOUS

> kraken-16-at.net flagged for Kraken brand impersonation phishing (VT 15/95). Check the full report.

## Summary
PhishDestroy identifies kraken-16-at.net as an active brand impersonation domain targeting Kraken, a global cryptocurrency exchange. This fraudulent site mimics Kraken’s branding to deceive users into entering sensitive login or payment information, leveraging social engineering tactics typical of cryptocurrency drainer kits. The domain attempts to exploit trust in the Kraken brand, which has over 10 million users worldwide, making it a high-value target for cybercriminals seeking financial gain. Despite no explicit drainer kit artifacts reported, the site’s behavior aligns with known phishing methodologies designed to harvest credentials or cryptocurrency assets.

Technical indicators on kraken-16-at.net reveal a 15/95 detection score on VirusTotal, indicating moderate but concerning malicious activity. The domain was registered through Gname.com Pte. Ltd. on February 03, 2026, and resolves to IP address 104.21.73.215. It utilizes a Google Trust Services SSL certificate to appear legitimate, a common tactic among impersonation sites. As of the latest assessment, 15 security vendors flagged this domain, and it remains unlisted on Google Safe Browsing (GSB). The recent creation date and low blocklist coverage suggest this threat may be emerging, increasing the risk of successful user compromise.

kraken-16-at.net remains active and poses an elevated risk due to its ongoing availability and recent infrastructure setup. Kraken users should exercise extreme caution and avoid interacting with this domain or any associated links. Recommended actions include blocking the domain and IP address at the network level, reporting the site to Kraken’s abuse team and Google Safe Browsing, and alerting users via official communication channels. Despite these mitigations, the domain’s elevated risk classification and recent creation date indicate that the threat is not yet fully neutralized. Continuous monitoring is advised as additional malicious activity may emerge from this infrastructure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2026-02-03 19:24:12
- Registrar: Gname.com Pte. Ltd.
- IP: 104.21.73.215

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d11eb193-bd4a-47a4-b09d-7748c0fd8fb0
- PhishDestroy: https://phishdestroy.io/domain/kraken-16-at.net/
- LLM endpoint: https://phishdestroy.io/domain/kraken-16-at.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken-16-at.net/
Last updated: 2026-03-27