# krakenloginss.wordpress.com — MALICIOUS

> Warning: krakenloginss.wordpress.com was used for high-risk Kraken brand impersonation phishing. Avoid this domain to protect your credentials.

## Summary
PhishDestroy identifies krakenloginss.wordpress.com as a fraudulent domain engaged in brand impersonation targeting Kraken users. Classified under social engineering threats, this domain mimicked Kraken’s branding to deceive victims into divulging sensitive information. The domain’s page title was generic, presenting as a typical WordPress blog, which helped cloak its malicious intent.

Technical indicators highlight that this domain was registered on February 21, 2026, via Automattic Inc., the official WordPress registrar. It resolves to the IP address 192.0.78.12, which is associated with WordPress hosting infrastructure. Security engines flagged the domain extensively: Google Safe Browsing labeled it as SOCIAL_ENGINEERING, VirusTotal detected it via 12 out of 95 security vendors, and it appeared on two distinct security blocklists. These factors collectively underline its high-risk profile as a phishing vector exploiting the Kraken brand.

Currently, krakenloginss.wordpress.com is offline, reflecting a responsive takedown action typical in anti-phishing operations. Although no active threat remains from this domain, users and organizations should remain vigilant against similar impersonation tactics. PhishDestroy recommends avoiding any suspicious URLs masquerading as Kraken services and verifying official communications directly through Kraken’s legitimate channels.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 410)
- Target brand: Kraken
- Page title: WordPress.com — Get a Free Blog Here

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Automattic Inc.
- Country: US
- IP: 192.0.78.12
- IP Country: US
- IP City: San Francisco
- IP Org: AS2635 Automattic, Inc
- Nameservers: ["lb.wordpress.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "Certego", "CRDF", "ESET", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b4535-9837-72e2-88cb-d822ed4b30f8.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/3f416f76-c45e-4e1f-a574-accf5bdd3bdf
- PhishDestroy: https://phishdestroy.io/domain/krakenloginss.wordpress.com/
- LLM endpoint: https://phishdestroy.io/domain/krakenloginss.wordpress.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krakenloginss.wordpress.com/
Last updated: 2026-03-19