# kucoin-login.at — MALICIOUS > kucoin-login.at is a crypto brand impersonation site flagged by 12/95 VirusTotal vendors. It mimics KuCoin to steal credentials. Do not enter any data. ## Summary PhishDestroy identifies kucoin-login.at as an active brand impersonation domain designed to deceive visitors into believing it is the legitimate KuCoin cryptocurrency exchange login page. This malicious site leverages the trusted KuCoin brand to trick users into entering sensitive credentials or downloading harmful files, often under the guise of a login portal or security update. The goal is to harvest login details, enable unauthorized access to user accounts, or initiate crypto drainer transactions from connected wallets. This domain was flagged by 12 out of 95 VirusTotal security vendors, indicating a significant level of risk. The site resolves to IP address 172.67.130.101 and uses an SSL certificate issued by Google Trust Services, which attackers sometimes exploit to appear legitimate. The domain is currently active and poses an elevated threat to unsuspecting users. Technical analysis reveals that kucoin-login.at is a recent addition to the threat landscape, with indicators suggesting it was created to capitalize on user trust in the KuCoin brand. The domain is registered under a privacy-protected registrar, which is a common tactic used by malicious actors to conceal ownership details. The combination of a spoofed login interface, the use of a trusted SSL certificate, and a high VirusTotal detection rate highlights the sophistication of this impersonation attempt. Unlike generic phishing campaigns, this site specifically targets cryptocurrency users, where the stakes for credential theft are exceptionally high due to the irreversible nature of blockchain transactions. The presence of this domain in multiple security vendor feeds underscores its active misuse in campaigns aimed at credential theft and financial fraud. If you have visited kucoin-login.at, immediately cease any interaction with the site and do not enter any login credentials, wallet addresses, or personal information. Check your KuCoin account for any unauthorized transactions or changes to security settings. Use a reputable antivirus or anti-malware tool to scan your device for potential infections, as malicious sites like this may deploy crypto drainers or keyloggers to capture sensitive data. Report the domain to your local cybercrime unit or to platforms like Google Safe Browsing to help disrupt its operation. If you entered credentials, change your password immediately and enable two-factor authentication on your KuCoin account. Consider revoking any wallet connections if you suspect unauthorized access. Stay vigilant and always verify the authenticity of login pages by checking the official domain (kucoin.com) before entering any information. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: KuCoin ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.67.130.101 ## Detection Status - VirusTotal: 12 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/364d64a9-62f4-483c-89aa-6c0ecf19bacc - PhishDestroy: https://phishdestroy.io/domain/kucoin-login.at/ - LLM endpoint: https://phishdestroy.io/domain/kucoin-login.at/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kucoin-login.at/ Last updated: 2026-03-23