# home-app-ledger.webflow.io — MALICIOUS

> home-app-ledger.webflow.io is a live crypto drainer phishing site with 19/95 VirusTotal detections. Exploits Ledger brand trust.

## Summary
PhishDestroy identifies home-app-ledger.webflow.io as an active crypto-drainer domain posing immediate risk to cryptocurrency users. This fraudulent page mimics legitimate Ledger ecosystem apps to trick visitors into connecting wallets and authorizing malicious token transfers. Security vendors widely flag the domain: VirusTotal detection count stands at 19 engines out of 95, indicating elevated maliciousness. The site resolves to IP 104.18.36.248 and uses a Google Trust Services SSL certificate to appear legitimate.  

This domain was flagged for crypto-drainer activity, leveraging brand impersonation to harvest private keys and drain digital assets. Technical details include a VirusTotal score of 19/95 security vendors, confirming widespread suspicion. The domain operates under Webflow’s infrastructure while exploiting Ledger’s trusted brand to bypass user scrutiny. Continuous monitoring shows persistent availability, indicating active exploitation by threat actors.  

If you visited home-app-ledger.webflow.io, immediately disconnect all wallets, revoke any unauthorized token approvals through tools like Etherscan or Revoke.cash, and scan devices for malware. Do not interact with any prompts requesting wallet connections or signature approvals. Report the domain to your security team and block it at the network level. Monitor wallet transactions closely for suspicious outbound transfers and consider transferring remaining assets to a newly generated, hardware-isolated wallet address.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/869af224-14ae-4d4b-beb0-f9a98af236a5
- PhishDestroy: https://phishdestroy.io/domain/home-app-ledger.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/home-app-ledger.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-app-ledger.webflow.io/
Last updated: 2026-03-29