# kukoinlogun.webflow.io — MALICIOUS

> kukoinlogun.webflow.io is a crypto drainer phishing site flagged by 20 of 95 VirusTotal vendors. Avoid entering wallet credentials to prevent asset theft.

## Summary
PhishDestroy identifies kukoinlogun.webflow.io as a fraudulent domain hosting a crypto drainer impersonating KuCoin, an active phishing campaign since deployment. Threat intelligence confirms the domain remains accessible and is currently leveraged to deceive cryptocurrency users into connecting compromised wallets. This report synthesizes verified threat indicators to support secure browsing decisions and incident response.  

This domain was flagged by 20 of 95 VirusTotal security vendors, resolving to IP address 172.64.151.8 with a Google Trust Services SSL certificate. The campaign employs Webflow’s infrastructure to obscure malicious intent, presenting a domain registered under known bulletproof hosting conditions to prolong operational uptime. Trust scores from passive DNS and WHOIS analysis reflect minimal legitimacy, with no historical association with legitimate KuCoin services beyond impersonation tactics.  

Given the elevated risk posed by crypto drainer infrastructure, immediate avoidance is strongly advised. Users should refrain from interacting with kukoinlogun.webflow.io and verify all wallet connections against official KuCoin endpoints. Security teams are encouraged to block the IP range 172.64.151.0/24 and update browser blocklists to include the domain. Report any unauthorized transactions to KuCoin support and affected wallet providers to mitigate asset loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 20 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0f12852c-1386-4bf0-9399-197fd4485df8
- PhishDestroy: https://phishdestroy.io/domain/kukoinlogun.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/kukoinlogun.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kukoinlogun.webflow.io/
Last updated: 2026-03-21