# bx-ledger-live.pages.dev — SUSPICIOUS > bx-ledger-live.pages.dev mimics Ledger's official site to steal crypto via fake login. Flagged by 0 of 95 VirusTotal engines, verify safety on PhishDestroy. ## Summary The domain bx-ledger-live.pages.dev has been identified as an active impersonation scam targeting users of Ledger, the cryptocurrency hardware wallet brand. This site masquerades as 'Ledger Live'—the official application for managing Ledger devices—to deceive victims into entering their recovery phrases or private keys, enabling direct theft of digital assets. The threat is currently classified as brand impersonation with a risk level marked as 'under_investigation' by PhishDestroy's threat intelligence system. Users who interact with this domain risk irreversible financial losses due to the irreversible nature of cryptocurrency transactions. PhishDestroy's analysis reveals this domain is hosted on Cloudflare's infrastructure, resolving to IP address 172.66.47.44 with an SSL certificate issued by Google Trust Services. As of the latest scan, the domain has received zero detections from 95 VirusTotal vendors, indicating it remains under the radar of mainstream security tools. The domain is registered through Cloudflare, Inc., leveraging the company's privacy protection services to obscure ownership details. Despite its current clean status on detection platforms, the site actively impersonates Ledger's legitimate services, including the branding and domain structure commonly associated with the official 'Ledger Live' application. The absence of detections does not correlate with safety, as many crypto drainers and phishing sites evade detection until significant harm has occurred. The current status of bx-ledger-live.pages.dev is classified as 'active,' with continuous monitoring by PhishDestroy's automated systems. Security researchers are urged to treat this domain as hostile until further evidence confirms its takedown or deactivation. Users who suspect exposure to this scam should immediately revoke any entered credentials on their Ledger devices, transfer funds to a new wallet, and perform a factory reset on the compromised device. PhishDestroy recommends verifying the legitimacy of any Ledger-related domains by cross-referencing the official website (ledger.com) or using PhishDestroy's domain verification tools. Additionally, enabling passphrase protection and two-factor authentication on Ledger devices can mitigate the risk of unauthorized access. For enterprises or individuals managing large crypto holdings, consider deploying hardware wallet firewalls or air-gapped transaction signing processes to prevent phishing-induced losses. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.44 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/61158d61-48be-4038-971f-e3874bc124c4 - PhishDestroy: https://phishdestroy.io/domain/bx-ledger-live.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/bx-ledger-live.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bx-ledger-live.pages.dev/ Last updated: 2026-03-22