# ledger-io-us-com.pages.dev — SUSPICIOUS > ledger-io-us-com.pages.dev is a crypto drainer impersonating Ledger Wallet. Flagged by 0 of 95 VirusTotal vendors. Verify on PhishDestroy immediately. ## Summary PhishDestroy identifies active crypto drainer campaign targeting Ledger Wallet users via ledger-io-us-com.pages.dev. The domain is currently active and hosts a crypto drainer designed to steal cryptocurrency assets. The campaign leverages a fraudulent Ledger-branded interface to trick users into connecting their wallets, leading to unauthorized fund transfers. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it remains undetected by most antivirus solutions. It is registered through Cloudflare, Inc. and resolves to IP address 172.66.44.184. The SSL certificate is issued by Google Trust Services, which may contribute to a false sense of legitimacy. Threat intelligence suggests this domain is part of a rapidly evolving campaign, with no current listings on major blocklists. The domain is hosted on Cloudflare Pages, a legitimate service often abused by threat actors to deploy phishing and malicious infrastructure quickly and with minimal cost. Given the lack of detection by security vendors and the use of trusted hosting services, the risk posed by ledger-io-us-com.pages.dev is assessed as high and actively evolving. Users are strongly advised to avoid interacting with this domain or any associated links. To verify the legitimacy of Ledger-related communications, users should cross-reference official channels such as the verified Ledger website or app. PhishDestroy recommends blocking the domain at the network level and reporting any suspicious activity to enhance collective defense. Immediate action is critical to mitigate potential financial losses. Additionally, users who may have interacted with this domain should revoke any connected wallet permissions and transfer remaining assets to a secure, offline wallet. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.184 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8780e830-0639-4592-b508-cbcd3ae6d48b - PhishDestroy: https://phishdestroy.io/domain/ledger-io-us-com.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledger-io-us-com.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledger-io-us-com.pages.dev/ Last updated: 2026-03-22