# ledgarlive-erj.pages.dev — SUSPICIOUS > ledgarlive-erj.pages.dev hosts a Ledger-branded crypto drainer. VirusTotal flags it at 1/95. Avoid this site—verify URLs with PhishDestroy before clicking. ## Summary PhishDestroy identifies ledgarlive-erj.pages.dev as a live crypto drainer impersonating the Ledger brand to steal cryptocurrency assets. This domain presents a fraudulent replica of Ledger’s official interface, luring users into connecting wallets and signing malicious transactions designed to drain funds. The page leverages Cloudflare Pages hosting to obscure its infrastructure while presenting a convincing HTTPS certificate issued by Google Trust Services, increasing its potential to deceive even cautious users. Users arriving at this page are prompted to “verify” their wallet or enter seed phrases, a classic red flag indicative of an active drainer campaign. This domain was flagged by PhishDestroy with a VirusTotal detection rate of only 1 out of 95 security vendors as of the latest scan, highlighting how stealthy and under-detected such sites can be. Registered through Cloudflare, Inc., the domain resolves to IP 172.66.44.148 and uses the Cloudflare Pages service to rapidly deploy fraudulent landing pages. While the SSL certificate appears legitimate, the underlying intent is malicious: to harvest private keys or authorize unauthorized transactions. If you accessed ledgarlive-erj.pages.dev, immediately disconnect your wallet and revoke any permissions granted. Do not enter any credentials or seed phrases. Run a full malware scan on your device and rotate all sensitive account credentials. Report the domain to PhishDestroy and your wallet provider for further analysis and potential blacklisting. Always verify URLs through trusted sources before interacting with any crypto-related login or transaction page. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.148 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/ledgarlive-erj.pages.dev - PhishDestroy: https://phishdestroy.io/domain/ledgarlive-erj.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledgarlive-erj.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledgarlive-erj.pages.dev/ Last updated: 2026-04-09