# krasite.cc — MALICIOUS

> krasite.cc is a malicious site impersonating crypto wallets and stealing credentials. PhishDestroy identifies it as high-risk after VirusTotal flagged it with.

## Summary
krasite.cc is a recently registered malicious domain designed to impersonate cryptocurrency wallet services, including MetaMask, to trick users into entering their private keys or seed phrases. This domain was flagged as high-risk by PhishDestroy due to its active phishing operations and widespread detection by security vendors. Users who interact with this site risk losing access to their digital assets permanently.  krasite.cc was created on June 22, 2025, and is already blocked by 11 out of 95 VirusTotal security vendors, including MetaMask. The domain is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to IP address 185.114.97.3. Google Safe Browsing classifies this domain under the SOCIAL_ENGINEERING category, confirming its deceptive nature. Despite using a Let's Encrypt SSL certificate, the site remains a high-risk threat due to its fraudulent activities.  If you visited krasite.cc, immediately disconnect from the internet to prevent further data exposure. Do not enter any wallet credentials, private keys, or seed phrases. Scan your device with reputable antivirus software and revoke any permissions granted to this domain. Report the incident to your wallet provider and consider transferring funds to a new, secure wallet if you suspect compromise. Always verify URLs and use bookmarks for official crypto services to avoid similar scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-06-22 05:42:18
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/37bad4f3-23df-48c8-8a82-586ac67ef947
- PhishDestroy: https://phishdestroy.io/domain/krasite.cc/
- LLM endpoint: https://phishdestroy.io/domain/krasite.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krasite.cc/
Last updated: 2026-03-26