# kraken3yvbvzmhytnrnuhsy772i6dfobofu652e27f5hx6y5cpj7rgyd.com — SUSPICIOUS

> PhishDestroy identifies kraken3yvbvzmhytnrnuhsy772i6dfobofu652e27f5hx6y5cpj7rgyd.com as a Kraken brand impersonation site with 4/95 VirusTotal detections.

## Summary
PhishDestroy identifies an active Kraken brand impersonation threat linked to kraken3yvbvzmhytnrnuhsy772i6dfobofu652e27f5hx6y5cpj7rgyd.com, posing as the legitimate Kraken cryptocurrency exchange to deceive users into entering sensitive credentials or payment details. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on October 23, 2023, and currently resolves to IP 188.114.96.3. Its SSL certificate is issued by Google Trust Services, adding a false sense of legitimacy to the fraudulent site.  This domain was flagged by 4 out of 95 security vendors on VirusTotal, indicating limited but notable detection coverage. Its recent creation and the use of a trusted SSL issuer suggest an attempt to evade initial scrutiny by automated security tools. The threat actor leverages the Kraken brand’s reputation to trick users into disclosing login credentials or cryptocurrency wallet information, potentially leading to financial loss or account compromise.  If you visited this domain or entered any information, immediately change your Kraken account password and enable two-factor authentication. Review all recent transactions for unauthorized activity and consider revoking any connected API keys or third-party access. Use a reputable password manager to avoid autofill on untrusted sites. Report the domain to Kraken’s abuse team and your organization’s security team for further investigation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2023-10-23 21:25:42
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/68c65049-bb86-4bff-a990-2b7925134be4
- PhishDestroy: https://phishdestroy.io/domain/kraken3yvbvzmhytnrnuhsy772i6dfobofu652e27f5hx6y5cpj7rgyd.com/
- LLM endpoint: https://phishdestroy.io/domain/kraken3yvbvzmhytnrnuhsy772i6dfobofu652e27f5hx6y5cpj7rgyd.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken3yvbvzmhytnrnuhsy772i6dfobofu652e27f5hx6y5cpj7rgyd.com/
Last updated: 2026-03-27