# ledger-aaps-hub.pages.dev — SUSPICIOUS > Ledger-aaps-hub.pages.dev is a crypto drainer mimicking Ledger Live. VirusTotal flags it at 0/95 detections. Avoid this fraudulent domain immediately. ## Summary PhishDestroy identifies ledger-aaps-hub.pages.dev as a live crypto drainer actively impersonating Ledger hardware wallet services to steal cryptocurrency assets. This fraudulent domain masquerades as an official Ledger Live interface, tricking users into entering seed phrases or private keys under the guise of ‘recovery’ or ‘verification.’ Once credentials are entered, the drainer automatically transfers funds to attacker-controlled wallets, resulting in irreversible financial loss. The domain leverages Cloudflare’s infrastructure and a Google Trust Services SSL certificate to appear legitimate, while resolving to IP 172.66.47.200, a known dynamic hosting endpoint frequently abused by malicious actors for short-lived campaigns. This domain was flagged by PhishDestroy with a VirusTotal detection rate of 0 out of 95 security engines, indicating it currently evades most antivirus and threat intelligence platforms. Registered through Cloudflare, Inc., the site operates under the .pages.dev subdomain, a common vector for phishing pages due to its low barrier to creation and anonymity. While the exact creation date remains unverified due to Cloudflare’s privacy protections, the domain remains active and responsive, hosting a convincing replica of the Ledger Live login portal. The absence of detections suggests a newly deployed or highly evasive threat, likely targeting users during peak cryptocurrency activity or market events. If you have visited ledger-aaps-hub.pages.dev, cease all interaction immediately and assume your cryptocurrency wallet credentials may be compromised. Disconnect any affected devices from the internet, revoke any entered seed phrases or private keys, and transfer remaining assets to a new, secure wallet with a unique recovery phrase. Enable two-factor authentication on all related accounts, scan your device for malware using a reputable antivirus tool, and report the domain to your wallet provider and relevant cybersecurity authorities. Monitor blockchain transactions closely for unauthorized transfers and consider freezing assets in high-risk wallets pending forensic review. Always verify URLs manually and use bookmarked official links for Ledger services to avoid similar threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.200 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/3e742dd1-56c0-4fa0-a96d-a612a4930ab2 - PhishDestroy: https://phishdestroy.io/domain/ledger-aaps-hub.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledger-aaps-hub.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledger-aaps-hub.pages.dev/ Last updated: 2026-03-22