# share.kredicash-money.com — SUSPICIOUS > PhishDestroy identifies share.kredicash-money.com as a suspected crypto drainer site — registered March 06, 2026, resolving to 188.114.96. ## Summary PhishDestroy identifies share.kredicash-money.com as a recently activated crypto drainer kit designed to mimic legitimate financial services under the guise of a ‘Kredicash Money’ reward campaign. The domain name leverages homoglyphs and urgency-driven redirection to dupe victims into connecting wallets and signing malicious transactions that drain tokens to attacker-controlled addresses. No specific brand was directly spoofed in this instance, though the payload mimics common crypto-drainer interfaces such as ‘Stargate’, ‘Bridged’, or ‘Multi-Chain Rewards’ to confuse users. The campaign appears to be in early deployment, with payloads likely delivered via phishing emails, social media promotions, or compromised influencer streams. Technical indicators confirm this domain is actively hostile. VirusTotal shows zero detections (0/95) as of harvest time, indicating a novel threat still undetected by most scanners. Registration occurred through Cloudflare, Inc., with a Let’s Encrypt SSL certificate issued at launch. The domain resolves to IP 188.114.96.3 and was created on March 06, 2026, suggesting a same-day deployment strategy. Google Safe Browsing (GSB) has not yet blacklisted the domain, and it remains absent from all major threat intelligence feeds, resulting in zero blocklist coverage. These attributes indicate a high-risk, low-signature campaign likely targeting early adopters of new crypto launchpads or yield-farming platforms. The domain is currently active and under investigation by PhishDestroy’s anti-drainer unit. Immediate actions include domain takedown coordination with Cloudflare’s abuse team, IP de-listing via AbuseIPDB and Spamhaus, and signature generation for Snort/Suricata. End users are advised to block the domain at DNS level, avoid wallet connections to unknown sites, and verify all crypto-related links via official project channels. While the current risk is classified as ‘under_investigation’, the absence of detection and recent registration date elevate the threat level to ‘active and escalating’. Users should treat any interaction with this domain as a potential financial attack vector. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-06 14:02:50 - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/865a55c4-1470-47b7-ac3a-2345d8269d2d - PhishDestroy: https://phishdestroy.io/domain/share.kredicash-money.com/ - LLM endpoint: https://phishdestroy.io/domain/share.kredicash-money.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/share.kredicash-money.com/ Last updated: 2026-03-22