# ladger-wallet-welcome.pages.dev — MALICIOUS

> Security advisory for crypto-draining site ladger-wallet-welcome.pages.dev. 7 of 95 VirusTotal vendors flagged it. Review the full report now.

## Summary
PhishDestroy identifies ladger-wallet-welcome.pages.dev as an active crypto-draining domain that impersonates a Ledger wallet welcome page to trick victims into connecting their crypto wallets. This site is not a legitimate Ledger service and should never be used for cryptocurrency transactions or wallet setup.

This domain was flagged by 7 of 95 VirusTotal security vendors and is served from Cloudflare via the IP 172.66.44.155. It holds a valid Google Trust Services SSL certificate, giving it a veneer of legitimacy while quietly draining tokens whenever a victim approves a fraudulent wallet connection. The domain resolves via the Cloudflare Pages platform, which has become a favored hosting vector for short-lived crypto-drain campaigns in recent months.

If you visited ladger-wallet-welcome.pages.dev—or any page that prompted you to connect a wallet—disconnect your wallet immediately and revoke any suspicious approvals using reputable blockchain tools such as Etherscan’s Token Approval Checker or Revoke.cash. Run a malware scan on the device you used, rotate all exposed private keys, and enable hardware wallet signing for future transactions. Report the domain to your security team and to Ledger’s official support channels to help shut down the campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.155

## Detection Status
- VirusTotal: 7 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e38f13fa-c9a5-48fb-be90-9d68cb7794ca
- PhishDestroy: https://phishdestroy.io/domain/ladger-wallet-welcome.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ladger-wallet-welcome.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ladger-wallet-welcome.pages.dev/
Last updated: 2026-03-22