# laundertrack.pro — MALICIOUS

> laundertrack.pro mimics Kraken to steal credentials. The domain is offline but flagged by blocklists. Stay alert and avoid suspicious links.

## Summary
PhishDestroy has identified laundertrack.pro as a malicious domain engaged in brand impersonation targeting Kraken, a prominent cryptocurrency exchange. This impersonation effort poses significant risks to users by attempting to capture login credentials through a fake sign-in page titled "Sign in to Kraken." Such attacks can lead to account takeovers, financial loss, and compromised personal data, highlighting the critical nature of vigilance against phishing scams.

Investigations reveal that laundertrack.pro was registered on March 9, 2026, and resolved to the IP address 198.251.88.215. The domain was flagged on two separate security blocklists and detected by 15 out of 95 VirusTotal security vendors, underscoring its malicious intent. Although currently taken offline, its recent activity and resemblance to Kraken’s branding indicate a well-crafted attempt to deceive unsuspecting users.

Users are advised to avoid clicking on links associated with laundertrack.pro and to verify URLs carefully before entering any login credentials. Enabling two-factor authentication on their Kraken accounts and monitoring account activity regularly can mitigate potential damage from such scams. If users suspect they have interacted with this fraudulent site, immediate password changes and contacting Kraken support are strongly recommended to secure their accounts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Target brand: Kraken
- Page title: Sign in to Kraken

## Domain Intelligence
- Registered: 2026-03-09 13:07:02
- IP: 198.251.88.215
- IP Country: US
- IP City: Cheyenne
- IP Org: AS53667 FranTech Solutions
- Nameservers: ns15.lodgehoster.nl ns16.lodgehoster.nl
- SSL Issuer: none

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/1YqjJxV2/a1221e6b8d7d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2ab19555-6957-4fb5-86b0-4e603619ea32
- PhishDestroy: https://phishdestroy.io/domain/laundertrack.pro/
- LLM endpoint: https://phishdestroy.io/domain/laundertrack.pro/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/laundertrack.pro/
Last updated: 2026-03-19