# kukinlugon.webflow.io — MALICIOUS > kukinlugon.webflow.io mimics KuCōin crypto exchange for credential theft. Flagged by 21/95 VirusTotal engines. Check the full report. ## Summary PhishDestroy identifies kukinlugon.webflow.io as a high-risk cryptocurrency phishing site designed to steal login credentials for KuCōin users. The fraudulent page displays a convincing replica of the legitimate KuCōin exchange sign-in interface, using Unicode manipulation in the title (KuCōin® - 𝑺î𝗴𝒏 i𝒏 - 𝐋 o𝒈 𝐈𝙣) to appear authentic while evading basic detection. When visitors enter their username and password, the credentials are immediately harvested by attackers who then gain access to real KuCōin accounts to steal funds or perform unauthorized transactions. This domain was flagged by 21 out of 95 VirusTotal security vendors, with detection beginning immediately upon activation. The site resolves to IP address 172.64.151.8 and was created recently, leveraging the legitimate Webflow.io hosting platform to lend false credibility to the scam. The domain remains active despite being blocked by OpenPhish and appearing on one security blocklist. Notably, the site uses a Google Trust Services SSL certificate to create a false sense of security, though this does not indicate legitimacy. The combination of recent creation, low blocklist coverage, and partial detection suggests this campaign is actively evolving to evade defenses. If you visited kukinlugon.webflow.io, immediately change your KuCōin password using a different device or network to prevent credential stuffing attacks. Enable two-factor authentication on your KuCōin account and check for any unauthorized transactions. Consider revoking any API keys or connected applications. Report the incident to KuCōin support and monitor your email for phishing attempts using the same credentials. Use a password manager to prevent reuse of compromised credentials across other platforms. If you entered payment details, contact your bank immediately to report potential fraud. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP ?) - Page title: KuCōin® - 𝑺î𝗴𝒏 i𝒏 - 𝐋 o𝒈 𝐈𝙣 ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.64.151.8 ## Detection Status - VirusTotal: 21 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/34899710-f34c-40c2-9890-9974cd94a96d - PhishDestroy: https://phishdestroy.io/domain/kukinlugon.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kukinlugon.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kukinlugon.webflow.io/ Last updated: 2026-04-14