# lederliveapp.pages.dev — SUSPICIOUS > Domain lederliveapp.pages.dev impersonates Ledger with a drainer kit. VirusTotal flags 3/95 vendors. Check the full report. ## Summary Domain lederliveapp.pages.dev is an active brand impersonation scam targeting Ledger cryptocurrency wallet users. This fraudulent site, registered via Cloudflare, hosts a drainer kit designed to steal crypto assets by tricking victims into connecting their Ledger devices. The threat is elevated due to its use of social engineering tactics and active hosting on a legitimate cloud provider. Technical analysis confirms this is not a generic phishing attempt but a targeted attack leveraging brand trust to extract sensitive wallet data and funds. This domain was flagged by PhishDestroy with the following indicators: VirusTotal detection score of 3/95 security vendors, resolving to IP 172.66.44.220, and registration through Cloudflare, Inc. Google Safe Browsing has classified the site as SOCIAL_ENGINEERING activity, indicating deliberate deceit. The domain is currently active and remains unblocked by major threat intelligence platforms. Current blocklist coverage is minimal, with only 3 vendors flagging the domain, leaving potential victims exposed. The domain lederliveapp.pages.dev remains active and poses an ongoing risk to Ledger users. Immediate actions include blocking the domain at network and endpoint levels, updating browser-based blocklists, and notifying Ledger’s security team for takedown coordination. Users should verify all wallet-related domains through official Ledger channels and avoid interacting with unsolicited links. While the current risk is elevated, proactive blocking and public awareness can reduce exposure. Remaining risk is moderate due to the domain’s active status and low blocklist coverage. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.220 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/3d40ba58-f1b5-4ba7-91d9-9dce407eeee9 - PhishDestroy: https://phishdestroy.io/domain/lederliveapp.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/lederliveapp.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/lederliveapp.pages.dev/ Last updated: 2026-03-25