# xn--krken10-bn4c.com — MALICIOUS

> PhishDestroy identifies xn--krken10-bn4c.com as a credential-harvesting phishing site. 9 of 95 VirusTotal engines flag the domain, detected since creation on.

## Summary
PhishDestroy identifies xn--krken10-bn4c.com as a credential-harvesting phishing site that attempts to trick visitors into entering login details. Once harvested, those credentials are used to take over accounts on legitimate services.

This domain was flagged by 9 out of 95 VirusTotal security engines and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on November 30, 2024. The site resolves to IP address 172.67.191.160 and holds a valid Let’s Encrypt SSL certificate, making it appear more trustworthy to potential victims.

If you visited this site, stop using any passwords you may have entered and change them on legitimate services immediately. Use a password manager to generate and store new, unique passwords. Report the domain to your organization’s security team or forward suspicious emails to your IT department if you encountered a link in an email.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-11-30 03:51:49
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.191.160

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7a0fe0c8-36aa-4956-aee3-280614429069
- PhishDestroy: https://phishdestroy.io/domain/xn--krken10-bn4c.com/
- LLM endpoint: https://phishdestroy.io/domain/xn--krken10-bn4c.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xn--krken10-bn4c.com/
Last updated: 2026-03-28