# ledger-comstart-sso.dream.space — MALICIOUS > ledger-comstart-sso.dream.space is a crypto drainer impersonating Ledger. 8/95 security vendors flag this domain. Verify now on PhishDestroy. ## Summary PhishDestroy identifies ledger-comstart-sso.dream.space as an elevated-risk domain actively impersonating the Ledger hardware wallet brand to deploy crypto-draining malware. This threat falls under brand impersonation with malicious payload delivery, targeting users’ crypto assets through deceptive login portals. The domain was registered on November 08, 2024, and has already attracted attention from security vendors, with 8 out of 95 flagging it as malicious, indicating early-stage but active abuse. This domain was flagged by VirusTotal with a detection ratio of 8/95 security vendors, uses a Google Trust Services SSL certificate, and resolves to IP 104.18.20.20. It is hosted through GoDaddy.com, LLC, and represents a clear case of brand hijacking targeting Ledger users seeking secure wallet support. The combination of recent creation, high-risk hosting infrastructure, and low but growing detection rate suggests a rapidly evolving threat that could escalate as malicious activity spreads. Users should avoid interacting with this domain entirely. If you’ve visited ledger-comstart-sso.dream.space, disconnect your device from the internet immediately, scan for malware using reputable antivirus tools, and revoke any active browser sessions or wallet connections. For ongoing protection, always access Ledger services via official channels (ledger.com) and use PhishDestroy to verify suspicious links before clicking. Never enter credentials or seed phrases on untrusted sites. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registered: 2024-11-08 11:42:24 - Registrar: GoDaddy.com, LLC - IP: 104.18.20.20 ## Detection Status - VirusTotal: 8 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8fcc1948-5496-433f-9ad5-df2510c7d609 - PhishDestroy: https://phishdestroy.io/domain/ledger-comstart-sso.dream.space/ - LLM endpoint: https://phishdestroy.io/domain/ledger-comstart-sso.dream.space/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledger-comstart-sso.dream.space/ Last updated: 2026-03-29