# krakentodaylink.cc — SUSPICIOUS > Phishing domain Krakentodaylink.cc mimics Kraken crypto exchange to steal credentials. Flagged by Google Safe Browsing as SOCIAL_ENGINEERING since Sept 30, 2025. ## Summary PhishDestroy identifies Krakentodaylink.cc as a brand impersonation domain targeting Kraken users under active investigation. This site poses a high-risk threat through deceptive login pages designed to harvest cryptocurrency exchange credentials and authentication tokens. The threat actor leverages Kraken’s trusted brand to trick victims into surrendering sensitive account access, potentially enabling fund theft or unauthorized trading activity. This domain was flagged by Google Safe Browsing as a SOCIAL_ENGINEERING attack vector on September 30, 2025—its registration date. It resolves to IP 188.114.96.3 and is hosted under an SSL certificate issued by Google Trust Services, increasing its appearance of legitimacy. The domain shows 0 detections on VirusTotal out of 95 engines and is currently blocked by SEAL and MetaMask, yet remains accessible on standard browsers. It is listed on two security blocklists and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar frequently associated with high-risk or malicious domain registrations. Its recent creation and low detection rate suggest a rapidly evolving threat likely still in deployment phases. Given the specific brand impersonation tactic, users must avoid interacting with or entering any login credentials on Krakentodaylink.cc. Always access Kraken services directly via the official domain (kraken.com) or verified mobile apps. Enable two-factor authentication (2FA) using an authenticator app or hardware key, and monitor account activity for unauthorized access. If credentials were entered, immediately change passwords, revoke active sessions, and report the incident to Kraken Support via official channels. Use browser extensions like uBlock Origin or Privacy Badger to block known malicious domains, and consider using a dedicated password manager that warns of fake login pages. Report suspicious domains to security teams or through platforms like PhishDestroy to help disrupt ongoing campaigns. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Kraken ## Domain Intelligence - Registered: 2025-09-30 18:44:46 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 2 hits Lists: ["SEAL", "MetaMask"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4a068390-d57b-4c97-8272-0d56f0e06030 - PhishDestroy: https://phishdestroy.io/domain/krakentodaylink.cc/ - LLM endpoint: https://phishdestroy.io/domain/krakentodaylink.cc/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/krakentodaylink.cc/ Last updated: 2026-03-29