# connect-us-ledger-live.pages.dev — SUSPICIOUS > connect-us-ledger-live.pages.dev impersonates Ledger Live login to steal crypto. 3 of 95 VirusTotal scanners flag this active phishing page. ## Summary PhishDestroy identifies connect-us-ledger-live.pages.dev as an active Ledger brand impersonation site currently hosting a fake Ledger Live login page. This phishing page attempts to trick visitors into entering their 24-word recovery phrase or Ledger account credentials, which are then harvested by attackers to drain cryptocurrency wallets. The site uses a Google Trust Services SSL certificate and resolves to IP 172.66.46.237, but its Cloudflare registration and deceptive subdomain structure clearly indicate malicious intent rather than legitimate Ledger infrastructure. PhishDestroy’s analysis reveals that exactly 3 out of 95 VirusTotal security vendors flag this domain as malicious. The page was registered through Cloudflare, Inc., a common choice among phishing operators to obscure hosting details and evade takedown efforts. While the domain itself uses Cloudflare Pages, it has no affiliation with Ledger SAS or its official Ledger Live software. If you visited connect-us-ledger-live.pages.dev or entered any credentials or recovery phrases, stop using the wallet immediately and transfer all remaining funds to a new, secure wallet. Revoke any connected applications and enable two-factor authentication on all exchange accounts. Report the incident to Ledger support and file a complaint with your local cybercrime unit. Monitor your email and wallet addresses for targeted phishing campaigns following exposure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.46.237 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2e56ba11-99ec-490d-80ed-b302fa9b6704 - PhishDestroy: https://phishdestroy.io/domain/connect-us-ledger-live.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/connect-us-ledger-live.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connect-us-ledger-live.pages.dev/ Last updated: 2026-03-25