# connect-ledger-live-wallet.pages.dev — MALICIOUS > connect-ledger-live-wallet.pages.dev mimics the official Ledger wallet to steal crypto funds. It hosts a phishing page flagged by 5 of 95 VirusTotal scanners. ## Summary This domain, connect-ledger-live-wallet.pages.dev, is actively impersonating Ledger’s official wallet service to deceive users into entering private keys or recovery phrases. The site mimics the legitimate Ledger Live interface, tricking visitors into surrendering sensitive cryptocurrency wallet data. Once captured, attackers can drain wallets directly tied to the exposed credentials, resulting in irreversible financial losses. This is a classic brand impersonation attack leveraging Ledger’s reputation to exploit trust in the cryptocurrency ecosystem. This site resolves to IP 188.114.97.3 and is hosted on a Google Trust Services SSL certificate, which may appear legitimate at first glance but is used to lend false credibility to the fraudulent page. PhishDestroy identifies this domain as a high-risk threat based on multiple detection layers. Five of 95 VirusTotal security vendors have flagged it, indicating widespread suspicion in the threat intelligence community. The domain is registered through Cloudflare, Inc., a common privacy-focused registrar often exploited by malicious actors to obscure ownership details. While the SSL certificate is issued by a trusted provider (Google Trust Services), it does not validate the legitimacy of the content — it only confirms the site uses HTTPS encryption. The domain’s age and hosting infrastructure further mask its malicious intent, making it difficult for users to distinguish from the real Ledger Live service. If you visited connect-ledger-live-wallet.pages.dev, do not enter any wallet passwords, recovery phrases, or seed phrases on the site. Immediately disconnect from the page and inspect your browser’s address bar for misspellings or unusual subdomains like “pages.dev.” If you entered any sensitive information, assume it has been compromised and transfer your cryptocurrency assets to a newly generated wallet with a different seed phrase. Enable two-factor authentication (2FA) on all crypto accounts and monitor transactions for unauthorized activity. Report the domain to Ledger’s official support channels and update your security awareness regarding fake wallet sites. Always access Ledger Live via the official domain (ledger.com) or verified app store links. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 5 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7cb0b044-515e-4668-8e1e-9d6070c031cb - PhishDestroy: https://phishdestroy.io/domain/connect-ledger-live-wallet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/connect-ledger-live-wallet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connect-ledger-live-wallet.pages.dev/ Last updated: 2026-03-23