# leddger.live — SUSPICIOUS

> PhishDestroy identifies leddger.live as a Ledger wallet phishing domain flagged by 1 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies leddger.live as an active Ledger wallet phishing domain targeting cryptocurrency users. The domain is currently operational and was created with malicious intent to deceive victims into entering their Ledger wallet recovery phrases or private keys. This threat poses a significant risk to individuals and organizations holding cryptocurrency assets, as successful phishing attempts can result in irreversible financial losses.

This domain was flagged by 1 of 95 VirusTotal security vendors and is registered through Gransy, s.r.o. It resolves to IP address 88.222.222.104 and was created on March 21, 2026. The domain has a low blocklist count and minimal trust scores across threat intelligence platforms, indicating it is a recently established and untrusted entity. The Let's Encrypt SSL certificate provides a false sense of security, as phishing domains often use valid SSL certificates to appear legitimate.

Given the elevated risk level of this phishing campaign, users are strongly advised to avoid interacting with leddger.live and any associated domains or communications. Cryptocurrency holders should verify the authenticity of wallet-related websites by checking official sources and using bookmarked links. Organizations should implement DNS filtering and endpoint protection to block access to this domain. Reporting suspicious domains to PhishDestroy or relevant authorities can help mitigate the spread of this threat. Users who may have already entered sensitive information should immediately transfer their assets to a new wallet and revoke any exposed private keys.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-21 02:07:08
- Registrar: Gransy, s.r.o.
- IP: 88.222.222.104

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5d2b7393-1b59-4376-8a8f-1ff6dfee8f97
- PhishDestroy: https://phishdestroy.io/domain/leddger.live/
- LLM endpoint: https://phishdestroy.io/domain/leddger.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leddger.live/
Last updated: 2026-03-22