# kucoin-loging.gitbook.io — MALICIOUS

> Kucoin-loging.gitbook.io is an active credential phishing domain targeting users. Stay alert and avoid sharing login info. Verify safety before access.

## Summary
PhishDestroy identifies kucoin-loging.gitbook.io as a medium-risk credential phishing site designed to steal user login credentials. The domain impersonates a legitimate cryptocurrency platform to trick visitors into revealing sensitive information such as usernames and passwords. Users should be aware that such threats can lead to account compromise and financial loss.

This phishing campaign operates by mimicking KuCoin's login interface hosted on a suspicious gitbook.io subdomain. Visitors are lured to the site through deceptive links or messages that appear trustworthy. Once on the site, users may enter their credentials, unknowingly handing them over to cybercriminals. The domain was created in 2014 but is currently flagged by some security tools and resolves to an IP address linked to Cloudflare, often used by threat actors to mask their infrastructure.

If you have visited kucoin-loging.gitbook.io, immediately avoid entering any information and change your passwords on the legitimate KuCoin platform. Enable two-factor authentication on your accounts to add an extra layer of security. Report suspicious websites to your security team or use phishing reporting tools. Regular vigilance and verifying the authenticity of URLs can prevent falling victim to similar scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Target brand: KuCoin
- Page title: KÚCÔIN LÔGIN | BITCÔIN

## Domain Intelligence
- Registered: 2014-03-30 06:09:09
- Registrar: Cloudflare, Inc
- IP: 104.18.40.47
- Nameservers: dahlia.ns.cloudflare.com hugh.ns.cloudflare.com

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["ADMINUSLabs", "BitDefender", "CyRadar", "DNS8", "ESET", "Emsisoft", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "Sophos", "Trustwave", "VIPRE", "Webroot", "alphaMountain.ai"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content
- Meta title: KÚCÔIN LÔGIN | BITCÔIN &amp; CRYPTÔ

### Page Text
KÚCÔIN LÔGIN | BITCÔIN & CRYPTÔ KÚCÔIN LÔGIN | BITCÔIN & CRYPTÔ ⌘ Ctrl k KÚCÔIN LÔGIN | BITCÔIN & CRYPTÔ KÚCÔIN LÔGIN | BITCÔIN & CRYPTÔ Powered by GitBook On this page Copy KÚCÔIN LÔGIN | BITCÔIN & CRYPTÔ

### External Scripts
- https://static-2c.gitbook.com/_next/static/chunks/87c73c54-095cf9a90cf9ee03.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/21902-071d67c25a3198c5.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/main-app-95dfd8d3dd2e941a.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/app/global-error-8fffda4f93bd8922.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/f5718501-8545f65f56dd58ef.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/9071f66d-6845f9ef16b3a69b.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/28728-db690aa75c5b02e4.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/30290-582ca1f5a0cb4ca8.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/59290-abc179ef89159efb.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/32172-ef933005f6ef589b.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884

### External Links
- https://www.gitbook.com/?utm_source=content&amp;utm_medium=trademark&amp;utm_campaign=cOOSZ6ZfjJydTxqCq5UM
- https://gitbook.com/docs/published-documentation/custom-domain/configure-dns#are-you-using-cloudflare

## Evidence
- Screenshot: https://i.ibb.co/KphQSCrX/4c35b86a0c10.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/ff2ce60f-ac9d-438d-8c0f-96e159be2bac
- PhishDestroy: https://phishdestroy.io/domain/kucoin-loging.gitbook.io/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kucoin-loging.gitbook.io/
Last updated: 2026-03-14