# lear-trezorsuite.vercel.app — MALICIOUS

> lear-trezorsuite.vercel.app is a crypto drainer impersonating Trezor hardware wallets. This domain has been flagged by 13/95 VirusTotal vendors.

## Summary
PhishDestroy identifies lear-trezorsuite.vercel.app as an active crypto drainer domain impersonating Trezor’s official hardware wallet suite. This threat is classified as elevated due to its direct targeting of cryptocurrency users and active exploitation in the wild.

This domain was flagged by 13 out of 95 security vendors on VirusTotal, indicating moderate but legitimate detection of malicious intent. It resolves to IP address 216.198.79.131 and is hosted on Vercel Inc.’s infrastructure, a legitimate cloud provider often leveraged by threat actors to host spoofed domains. The domain is actively blocked by OpenPhish, placing it on at least one credible security blocklist, and holds a Google Trust Services SSL certificate—exploited by threat actors to lend false legitimacy to malicious sites. This blend of hosting on a trusted platform and partial detection scores suggests a well-constructed impersonation campaign with partial evasion of automated detection systems.

Users encountering this domain should treat it as a high-risk crypto drainer designed to steal cryptocurrency from victims interacting with fake Trezor wallet interfaces. Avoid any interaction with the site or its embedded content, especially wallet connection prompts. To verify legitimacy, consult official Trezor channels or trusted phishing databases like PhishDestroy. Never enter seed phrases, private keys, or connect hardware wallets to unverified third-party websites. If you have visited this domain, disconnect your device from the internet, revoke any wallet connections immediately, and transfer assets to a secure, isolated wallet. Use hardware wallet verification steps (check device screen for correct domain) before any transaction or login attempt.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Trezor

## Domain Intelligence
- Registrar: Vercel Inc.
- IP: 216.198.79.131

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/lear-trezorsuite.vercel.app
- PhishDestroy: https://phishdestroy.io/domain/lear-trezorsuite.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/lear-trezorsuite.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lear-trezorsuite.vercel.app/
Last updated: 2026-04-02