# kraken2trfqodidvlh4aa7cpzfrhdlfldhve5nf7njhumwr7instad.com — MALICIOUS > kraken2trfqodidvlh4aa7cpzfrhdlfldhve5nf7njhumwr7instad.com is a fraudulent Kraken impersonation site flagged by 16 of 95 VirusTotal vendors. ## Summary PhishDestroy identifies kraken2trfqodidvlh4aa7cpzfrhdlfldhve5nf7njhumwr7instad.com as an active domain engaged in brand impersonation targeting Kraken, currently assessed at elevated risk. This domain was registered on August 16, 2023, with a Google Trust Services SSL certificate and resolves to IP 188.114.97.3 through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal analysis indicates the domain is flagged by 16 of 95 security vendors, signaling elevated malicious intent and immediate risk to users engaging with the site. Technical indicators confirm this domain is part of a coordinated phishing campaign designed to deceive users into revealing sensitive account credentials or financial information under the guise of the legitimate Kraken cryptocurrency exchange. The domain's recent creation date and low blocklist penetration suggest a targeted, possibly automated deployment strategy aimed at exploiting brand trust. Registrar data and SSL certification provide no legitimate affiliation with Kraken, further validating its fraudulent nature. Users encountering this domain must immediately cease all interaction and report the site to relevant authorities, including Kraken's phishing reporting channels and domain registrars. Organizations should consider blocking 188.114.97.3 at the firewall level and updating threat intelligence feeds with this indicator. Proactive monitoring for similar domains and user education on verifying domain authenticity are critical to mitigating exposure to this and future impersonation campaigns. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Kraken ## Domain Intelligence - Registered: 2023-08-16 12:50:43 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.97.3 ## Detection Status - VirusTotal: 16 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f852d81f-94be-45e7-81fb-d0d32007e018 - PhishDestroy: https://phishdestroy.io/domain/kraken2trfqodidvlh4aa7cpzfrhdlfldhve5nf7njhumwr7instad.com/ - LLM endpoint: https://phishdestroy.io/domain/kraken2trfqodidvlh4aa7cpzfrhdlfldhve5nf7njhumwr7instad.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kraken2trfqodidvlh4aa7cpzfrhdlfldhve5nf7njhumwr7instad.com/ Last updated: 2026-03-27