# kraken2trfqodidvlh4aa337cpzfrhdlfldhve5nf7njhumwr7ins.com — SUSPICIOUS > Ongoing Kraken brand impersonation on kraken2trfqodidvlh4aa337cpzfrhdlfldhve5nf7njhumwr7ins.com. Flagged by 2 of 95 VirusTotal vendors. Do NOT enter credentials. ## Summary PhishDestroy identifies active brand impersonation threat on the domain kraken2trfqodidvlh4aa337cpzfrhdlfldhve5njhumwr7ins.com. The threat is classified as an elevated-risk impersonation of the cryptocurrency exchange Kraken, currently marked as active. This domain masquerades as a legitimate Kraken interface, posing imminent risk to unsuspecting users seeking cryptocurrency services. This domain was flagged by 2 of 95 VirusTotal vendors, indicating limited but confirmed malicious detection. It is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP address 86.54.25.38, and was created on October 31, 2025. With a recent registration, low detection rates, and no established trust, this domain exhibits multiple high-risk indicators consistent with phishing campaigns targeting cryptocurrency users. The combination of a newly registered domain, impersonation tactics, and low VirusTotal detection suggests a targeted, evolving threat designed to evade early-stage security measures. As of the latest intelligence, this domain remains active and represents a credible threat to users seeking Kraken services. PhishDestroy recommends immediate action: block the domain kraken2trfqodidvlh4aa337cpzfrhdlfldhve5njhumwr7ins.com at the network and DNS levels, update endpoint protection signatures using the VirusTotal and IP reputation feeds, and issue urgent advisories to users to verify URLs via Kraken’s official domain (kraken.com) before any credential or transaction input. Additionally, monitor for access attempts to 86.54.25.38 and correlate with login logs for signs of compromise. Due to the elevated risk and rapid domain lifecycle typical of phishing operations, proactive blocking and user education are critical to prevent credential theft and financial loss. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Kraken - Page title: kraken2trfqodidvlh4aa337cpzfrhdlfldhve5nf7njhumwr7ins.com ## Domain Intelligence - Registered: 2025-10-31 18:34:45 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 86.54.25.38 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8a00cee9-2e06-4f70-be78-8534f5d5baf4 - PhishDestroy: https://phishdestroy.io/domain/kraken2trfqodidvlh4aa337cpzfrhdlfldhve5nf7njhumwr7ins.com/ - LLM endpoint: https://phishdestroy.io/domain/kraken2trfqodidvlh4aa337cpzfrhdlfldhve5nf7njhumwr7ins.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kraken2trfqodidvlh4aa337cpzfrhdlfldhve5nf7njhumwr7ins.com/ Last updated: 2026-03-28