# kraken-33-at.com — MALICIOUS

> kraken-33-at.com is a crypto drainer impersonating Kraken with 15/95 VirusTotal detections. This active campaign steals cryptocurrency assets via fake brand.

## Summary
kraken-33-at.com is an active crypto drainer impersonating the Kraken cryptocurrency exchange brand, posing an elevated risk to users. This domain was flagged by PhishDestroy as part of an ongoing campaign designed to deceive victims into transferring cryptocurrency to attacker-controlled wallets. The threat involves direct brand impersonation with malicious intent, leveraging Kraken’s reputation to build trust before executing financial theft.  

This domain was registered on August 09, 2024, and resolves to IP address 188.114.96.3. It has been detected by 15 out of 95 VirusTotal security vendors, indicating partial but incomplete detection coverage. The domain uses a Google Trust Services SSL certificate, which may enhance its credibility among unsuspecting users. It is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar known to be abused in malicious domain registrations. The combination of fresh registration date, high-risk IP association, low detection rate, and SSL trust manipulation increases the likelihood of successful deception.  

Users and organizations should immediately block kraken-33-at.com at DNS and network levels. Avoid any interaction with this domain, including clicking links or visiting the site. If exposed, monitor cryptocurrency wallets for unauthorized transactions. Report the domain to security teams and threat intelligence platforms. Use endpoint protection to detect known indicators associated with this campaign (seed 3c8a2a). Notify Kraken support and cryptocurrency users in your network to raise awareness of this impersonation scheme.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2024-08-09 22:35:19
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2925fa89-f41b-4e70-a0a8-594694e810c2
- PhishDestroy: https://phishdestroy.io/domain/kraken-33-at.com/
- LLM endpoint: https://phishdestroy.io/domain/kraken-33-at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken-33-at.com/
Last updated: 2026-03-27