# kraken6gf6o4rxewycqwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com — MALICIOUS

> PhishDestroy identifies Kraken impersonation domain kraken6gf6o4rxewycqwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com as active crypto drainer kit.

## Summary
PhishDestroy identifies an active cryptocurrency drainer kit hosted at kraken6gf6o4rxewycwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com that impersonates the Kraken brand, leveraging a spoofed domain to steal cryptocurrency assets through fake withdrawal pages.  This domain was flagged by 14 out of 95 VirusTotal security vendors within 24 hours of detection. The infrastructure is hosted on IP 45.130.151.196 and leverages a Let's Encrypt SSL certificate. Registered through Gname 172 Inc on January 22, 2026, the domain is not currently flagged in Google Safe Browsing but has already been blocked by 5 threat intelligence platforms.  As of today, the campaign remains active with elevated risk. Immediate action is recommended to block the domain kraken6gf6o4rxewycqwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com and its IP 45.130.151.196 at network and endpoint levels. Users interacting with Kraken or similar services should verify URLs via official sources before entering credentials or performing transactions. Remaining risk includes continued phishing operations targeting cryptocurrency users, with high potential for fund loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2026-01-22 19:37:27
- Registrar: Gname 172 Inc
- IP: 45.130.151.196

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7c239b3c-e91c-4673-9a14-10d2376f8b6c
- PhishDestroy: https://phishdestroy.io/domain/kraken6gf6o4rxewycqwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com/
- LLM endpoint: https://phishdestroy.io/domain/kraken6gf6o4rxewycqwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken6gf6o4rxewycqwjgfchzgxyfeoj5xafqbfm4vgvyaig2vmxyd.com/
Last updated: 2026-03-29