# krakn46at.cc — SUSPICIOUS

> PhishDestroy identifies krakn46at.cc as a cryptocurrency drainer domain active since Nov 2025. VirusTotal flags it at 1/95. Check the full report.

## Summary
PhishDestroy identifies krakn46at.cc as a cryptocurrency drainer domain impersonating wallet services to siphon funds. This domain leverages deceptive tactics to trick users into connecting their wallets and authorizing malicious transactions. The drainer kit is designed to exploit wallet approval prompts, leading to unauthorized asset transfers under the guise of legitimate transactions.  

This domain was flagged with a VirusTotal detection score of 1/95 security vendors, indicating limited but confirmed malicious activity. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to the IP address 185.226.92.168. The domain was created on November 19, 2025, and currently holds a Let's Encrypt SSL certificate. It appears on 1 security blocklist and is blocked by MetaMask, highlighting its malicious nature. The domain's recent creation and low detection rate suggest it may be part of a rapidly evolving campaign targeting cryptocurrency users.  

As of the latest assessment, krakn46at.cc remains active with an elevated risk level. Immediate actions include blocking the domain and IP address to prevent further access. Users are advised to avoid interacting with this domain and verify any suspicious links using PhishDestroy's threat intelligence tools. While current countermeasures are effective, the domain's low detection rate and recent emergence pose a lingering risk to unwary users. Regular monitoring and updates to security tools are recommended to mitigate potential threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-19 13:51:15
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 185.226.92.168

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2e98165d-b005-4dfe-910c-03529830edd2
- PhishDestroy: https://phishdestroy.io/domain/krakn46at.cc/
- LLM endpoint: https://phishdestroy.io/domain/krakn46at.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krakn46at.cc/
Last updated: 2026-03-30