# kraken7jmgt7yhhe2c4iyilthnhcugfylcztsdhh7otrr6jgdw667pqdonion.net — MALICIOUS

> kraken7jmgt7yhhe2c4iyilthnhcugfylcztsdhh7otrr6jgdw667pqdonion.net impersonates Kraken with fake logins. Detected by 16/95 vendors. Verify on PhishDestroy.

## Summary
PhishDestroy identifies kraken7jmgt7yhhe2c4iyilthnhcugfylcztsdhh7otrr6jgdw667pqdonion.net as an active threat with an elevated risk level due to its specific role in brand impersonation targeting Kraken. This domain is designed to deceive users into believing they are interacting with the legitimate Kraken platform, typically through fake login pages that can lead to credential theft or crypto asset draining.

Technical analysis reveals that this domain was created recently on February 23, 2026, and is registered through Gname 019 Inc. It resolves to the IP address 45.130.151.196 and uses a Let's Encrypt SSL certificate, which can falsely provide a sense of security to unsuspecting victims. VirusTotal reports that 16 out of 95 security vendors have flagged this domain, highlighting its malicious intent. While there is no direct mention of blocklisting status or trust scores, the high detection ratio and the nature of the registrar and hosting arrangement contribute to its suspicious profile.

To mitigate the risks posed by this brand impersonation, users should avoid clicking on unsolicited links or entering credentials on suspicious Kraken-branded sites. Verification on trusted threat intelligence platforms like PhishDestroy is strongly advised before interacting with any Kraken-related login pages. Organizations should consider implementing domain filtering and educating users about the risk of sophisticated impersonation attacks. Continuous monitoring for such domain registrations and SSL certificates can help detect and neutralize similar threats early.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Kraken

## Domain Intelligence
- Registered: 2026-02-23 19:35:02
- Registrar: Gname 019 Inc
- IP: 45.130.151.196

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f6c67ce0-bdf9-482c-92c4-38e88f7da1ce
- PhishDestroy: https://phishdestroy.io/domain/kraken7jmgt7yhhe2c4iyilthnhcugfylcztsdhh7otrr6jgdw667pqdonion.net/
- LLM endpoint: https://phishdestroy.io/domain/kraken7jmgt7yhhe2c4iyilthnhcugfylcztsdhh7otrr6jgdw667pqdonion.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kraken7jmgt7yhhe2c4iyilthnhcugfylcztsdhh7otrr6jgdw667pqdonion.net/
Last updated: 2026-03-28