# kucoilnlogiin.webflow.io — MALICIOUS

> kucoilnlogiin.webflow.io is a crypto drainer impersonating KuCoin. VirusTotal flags 15/95 security vendors. DO NOT enter credentials or connect wallets.

## Summary
PhishDestroy identifies kucoilnlogiin.webflow.io as an active crypto drainer posing as KuCoin, with an elevated risk level of detection by 15 out of 95 VirusTotal security vendors.  This domain resolves to IP 172.64.151.8, issued an SSL certificate by Google Trust Services, and is hosted on Webflow's platform. It utilizes a Webflow.io subdomain structure, a common tactic to appear legitimate at first glance. The domain's recent deployment and low trust scores across multiple blocklists highlight its malicious intent, specifically designed to siphon cryptocurrency assets from unsuspecting users by mimicking KuCoin's login interface.  Mitigation against crypto drainers like kucoilnlogiin.webflow.io requires heightened vigilance. Users must verify the website's URL before entering credentials or connecting cryptocurrency wallets. Never click links from unsolicited emails or messages, even if they appear to originate from legitimate exchanges like KuCoin. Ensure bookmarks are used for frequented exchanges, and enable two-factor authentication (2FA) where possible. If any interaction with this domain occurs, revoke any wallet connections immediately and transfer remaining assets to a secure wallet. Report the domain to KuCoin and relevant cybersecurity platforms to aid in its takedown.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/da260813-61a2-4cbe-83d5-a86dac9956e6
- PhishDestroy: https://phishdestroy.io/domain/kucoilnlogiin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/kucoilnlogiin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kucoilnlogiin.webflow.io/
Last updated: 2026-04-13