# kucoinloginhuac.webflow.io — MALICIOUS > Stay safe from phishing attempts at kucoinloginhuac.webflow.io. Avoid sharing personal info and verify official KuCoin sites directly. ## Summary PhishDestroy identifies kucoinloginhuac.webflow.io as a high-risk domain engaged in brand impersonation targeting KuCoin users. The domain’s intent is to deceive individuals into believing they are interacting with KuCoin’s official login portal, thereby attempting to harvest sensitive account credentials through fraudulent means. This threat type is especially dangerous due to its potential to cause direct financial loss and identity compromise. The domain was created recently on March 12, 2026, and is currently active. VirusTotal flags 19 out of 95 security vendors for malicious activity related to this domain, confirming its suspicious nature. The domain resolves to IP address 104.18.36.248 and appears on at least one security blocklist, reinforcing the consensus that it is part of a phishing infrastructure. The page title itself uses visually deceptive text to mimic KuCoin’s branding while leading users through a fake “Step-by-tep” login guide, a classic social engineering technique. Users are strongly advised to avoid visiting or interacting with kucoinloginhuac.webflow.io. KuCoin customers should only access their accounts through verified official channels. PhishDestroy recommends immediate blocking of this domain on security devices and alerting users to the ongoing risk. The domain remains active and continues to pose a threat; vigilance and cautious behavior are essential to prevent credential theft and subsequent fraud. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 200) - Target brand: KuCoin - Page title: ꝄuCoin® ℓoℊin@% A Step-by-tep Guide to Access Your Account ## Domain Intelligence - Registered: 2026-03-12 13:07:01 - IP: 104.18.36.248 - IP Country: US - IP City: San Francisco - IP Org: AS13335 Cloudflare, Inc. - SSL Issuer: Google Trust Services / WE1 ## Detection Status - VirusTotal: 19 vendors flagged Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "LevelBlue", "Lionic", "Netcraft", "OpenPhish", "PREBYTES", "Sophos", "VIPRE", "Webroot"] - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["PhishDestroy"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019ce223-d6d4-7380-b564-3951f97359a2.png - PhishDestroy: https://phishdestroy.io/domain/kucoinloginhuac.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kucoinloginhuac.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kucoinloginhuac.webflow.io/ Last updated: 2026-03-19