# kukoinlogin.webflow.io — MALICIOUS

> Danger! kukoinlogin.webflow.io is a fake KuCoin login page stealing crypto. Verified by PhishDestroy: 11/95 security engines flag this drainer.

## Summary
PhishDestroy identifies kukoinlogin.webflow.io as an active crypto drainer impersonating the KuCoin exchange login portal. This domain employs brand impersonation to trick users into entering credentials, exposing wallets to immediate fund theft. The threat level is elevated due to ongoing activity and deceptive design mimicking a legitimate exchange interface.


This domain was flagged by 11 out of 95 VirusTotal security vendors, indicating significant but not universal detection. It resolves to IP 172.64.151.8 and uses a Google Trust Services SSL certificate to appear legitimate. The subdomain kukoinlogin.webflow.io leverages Webflow's hosting infrastructure, which has been abused for phishing campaigns. No creation date or registrar data is publicly available, suggesting recent deployment to evade blocklists. The lack of presence on major blocklists (e.g., Google Safe Browsing, PhishTank) highlights its evasiveness.


To mitigate exposure, users must verify links before clicking, especially those claiming to be KuCoin login pages. Never enter credentials or wallet details on this domain. KuCoin's official site is kucoin.com. If you've interacted with this site, revoke any connected wallet permissions immediately and transfer funds to a cold wallet. Report the domain to PhishDestroy to aid in blacklisting efforts.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: KuCoin

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5328f671-c4c6-4745-bd37-e4ee8f2ee6aa
- PhishDestroy: https://phishdestroy.io/domain/kukoinlogin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/kukoinlogin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kukoinlogin.webflow.io/
Last updated: 2026-03-29