# kraken31-at.com — MALICIOUS > PhishDestroy identifies kraken31-at.com as a Kraken brand impersonation phishing domain with a 15/95 VirusTotal detection rate. Check the full report. ## Summary PhishDestroy identifies kraken31-at.com as a domain actively engaging in brand impersonation phishing, specifically targeting the Kraken cryptocurrency exchange. This domain employs spoofing tactics to deceive users into divulging sensitive account credentials or financial information, leveraging Kraken’s established brand reputation to enhance credibility. No evidence currently links this domain to a drainer kit, suggesting a focus on credential harvesting or fraudulent redirection rather than direct fund extraction. The site likely mimics Kraken’s login portal or support pages to trick visitors into entering their credentials or payment details, a common tactic in cryptocurrency-related phishing campaigns. This domain was flagged with a detection score of 15/95 security vendors on VirusTotal, indicating elevated but not universal consensus on its malicious nature. The domain resolves to IP address 188.114.96.3 and operates with an SSL certificate issued by Google Trust Services, which may lend it an air of legitimacy. Registered on June 27, 2024, through NICENIC INTERNATIONAL GROUP CO., LIMITED, the domain has already been listed on one security blocklist, suggesting prior identification by at least one threat intelligence source. Despite its recent creation, the domain has already been blocked by MetaMask, reflecting proactive community or vendor responses to emerging threats. As of the latest analysis, kraken31-at.com remains active and poses an elevated risk to users, particularly those unfamiliar with phishing red flags. Immediate action is recommended to block this domain at the network or endpoint level, and users should avoid interacting with any links or attachments associated with it. While this domain does not yet appear on widespread blocklists, its detection by MetaMask and multiple security vendors underscores the importance of vigilance. The risk of credential theft or financial loss remains significant, and organizations should update their threat intelligence feeds to include this domain. Users are advised to verify the authenticity of any Kraken-related communications independently and enable multi-factor authentication on their accounts as an additional safeguard. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Kraken ## Domain Intelligence - Registered: 2024-06-27 11:53:25 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 15 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["MetaMask"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/19422383-25e4-4339-8b97-7fcf65a87248 - PhishDestroy: https://phishdestroy.io/domain/kraken31-at.com/ - LLM endpoint: https://phishdestroy.io/domain/kraken31-at.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kraken31-at.com/ Last updated: 2026-03-28