# kraken42-at.com — MALICIOUS

> kraken42-at.com impersonates Kraken as a crypto drainer site flagged by 15/95 VirusTotal scanners. Avoid this fraudulent domain to protect your assets.

## Summary
PhishDestroy identifies kraken42-at.com as an active brand impersonation scam targeting Kraken users. This domain mimics the legitimate Kraken cryptocurrency exchange to deceive victims into connecting wallets or entering credentials. The site is linked to crypto drainer kits designed to siphon funds from unsuspecting users. Security experts confirm this domain was registered solely for malicious intent, leveraging Kraken's reputation to build trust before executing fraudulent transactions. The immediate risk to cryptocurrency holders is severe, as drainer kits can silently transfer assets without user consent once connected.  

This domain was flagged by 15 of 95 VirusTotal security vendors, with MetaMask already blocking access. Kraken42-at.com resolves to IP 188.114.96.3 and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on July 26, 2024. The domain holds a Google Trust Services SSL certificate, which may lend false legitimacy to visitors, while appearing on one active blocklist. These technical indicators confirm the domain's malicious infrastructure and intent, making it a high-risk threat to cryptocurrency users seeking legitimate Kraken services.  

As of now, kraken42-at.com remains active and operational, posing an elevated risk to visitors. PhishDestroy recommends users avoid this domain entirely and verify any Kraken-related URLs directly through official channels. Organizations should block 188.114.96.3 at the network level and update security tools to include this domain. While immediate takedowns are unlikely due to the domain's recent registration, ongoing monitoring and user awareness remain critical to mitigating this threat. The remaining risk is high given the domain's recent activation and drainer kit association, requiring constant vigilance from both users and security teams.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2024-07-26 08:20:38
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/70401a06-f833-4319-8e9e-7d13de75ed39
- PhishDestroy: https://phishdestroy.io/domain/kraken42-at.com/
- LLM endpoint: https://phishdestroy.io/domain/kraken42-at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken42-at.com/
Last updated: 2026-03-28