# kraken2trfqodidvlh4a37cpzfrhdlfldhve5nf7njhumwr7instad.vip — MALICIOUS > PhishDestroy warns: kraken2trfqodidvlh4a37cpzfrhdlfldhve5nf7njhumwr7instad.vip is a crypto-draining fake-login masquerading as Kraken. ## Summary PhishDestroy identifies an active brand-impersonation threat tied to the domain kraken2trfqodidvlh4a37cpzfrhdlfldhve5nf7njhumwr7instad.vip, which is categorized as a crypto drainer that mimics the Kraken cryptocurrency exchange with an elevated risk profile. This domain was flagged after registering on February 02, 2026 through Gname.com Pte. Ltd. and resolving to IP 172.67.181.210. VirusTotal analysis reveals 12 out of 95 participating security vendors have already detected malicious activity. The domain also holds a legitimate-appearing SSL certificate issued by Google Trust Services, increasing its deceptive appeal. Users should immediately stop any interaction with this domain and verify its status on PhishDestroy. To mitigate risks, ensure all logins to Kraken are performed only via the official kraken.com domain or its verified subdomains. Consider rotating any shared credentials used on this fake site, enable multi-factor authentication on the authentic Kraken platform, and run a full security scan on any device that accessed the suspicious URL. If credentials were entered, revoke them on kraken.com immediately and monitor linked accounts for unauthorized transactions. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Kraken ## Domain Intelligence - Registered: 2026-02-02 14:39:30 - Registrar: Gname.com Pte. Ltd. - IP: 172.67.181.210 ## Detection Status - VirusTotal: 12 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/6b956789-f1cb-42df-938c-43c9d480f513 - PhishDestroy: https://phishdestroy.io/domain/kraken2trfqodidvlh4a37cpzfrhdlfldhve5nf7njhumwr7instad.vip/ - LLM endpoint: https://phishdestroy.io/domain/kraken2trfqodidvlh4a37cpzfrhdlfldhve5nf7njhumwr7instad.vip/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kraken2trfqodidvlh4a37cpzfrhdlfldhve5nf7njhumwr7instad.vip/ Last updated: 2026-03-28