# kraken39at.com — MALICIOUS

> kraken39at.com impersonates Kraken cryptocurrency exchange with brand-impersonation tactics. Users risk credential theft as 14/95 security tools flag this.

## Summary
PhishDestroy identifies kraken39at.com as an active brand impersonation threat targeting Kraken cryptocurrency exchange users. This domain represents an elevated risk requiring immediate attention from security teams and individual users alike.  This domain was flagged by 14 out of 95 VirusTotal security vendors, indicating significant but not universal detection. The domain resolves to IP address 104.21.32.84 and utilizes a Google Trust Services SSL certificate to appear legitimate. Registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on August 09, 2024, this recently created domain shows clear red flags for brand impersonation campaigns. The combination of high-risk detection ratio, recent registration date, and cryptocurrency brand targeting creates a concerning threat profile that demands proactive blocking.  Brand impersonation domains like kraken39at.com typically deploy fake login portals to harvest credentials or financial information under the guise of legitimate services. Users encountering this domain should assume malicious intent and avoid any interaction. Security teams should immediately block this domain at the network level and include it in threat intelligence feeds. For individual users, the safest action is to verify any Kraken-related communications through official channels only. Always check the exact URL and SSL certificate details before entering any credentials, especially for financial platforms. This domain serves as a reminder to maintain skepticism of unsolicited digital communications and to prioritize verification over perceived convenience.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2024-08-09 22:10:58
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.32.84

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/36b6e72c-eafa-4bf9-88a5-a8d8ce5dd2d7
- PhishDestroy: https://phishdestroy.io/domain/kraken39at.com/
- LLM endpoint: https://phishdestroy.io/domain/kraken39at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken39at.com/
Last updated: 2026-03-27