# ledger-li-ve-desk-top-us.pages.dev — SUSPICIOUS

> PhishDestroy identifies fake Ledger Desktop site ledger-li-ve-desk-top-us.pages.dev stealing crypto credentials. 0/95 VirusTotal detections.

## Summary
PhishDestroy’s automated scans flagged ledger-li-ve-desk-top-us.pages.dev as a fraudulent desktop client designed to mimic Ledger’s official software interface and steal cryptocurrency wallet credentials. The site uses a convincing visual copy of Ledger Live to trick visitors into entering their recovery phrases or seed words. Once entered, the credentials are collected by the attackers and used to drain wallets directly.  This domain was flagged on edbe3c after it showed zero detections out of 95 VirusTotal engines, indicating it is currently undetected by many antivirus tools. It resolves to IP 188.114.96.3, was registered through Cloudflare on an unknown date, and uses a Google Trust Services SSL certificate to appear legitimate. All evidence points to an active brand impersonation campaign targeting Ledger users.  If you visited ledger-li-ve-desk-top-us.pages.dev, assume your credentials or wallet data may have been compromised. Disconnect any connected wallets immediately, revoke access permissions in your wallet settings, and transfer remaining funds to a newly generated wallet using official Ledger software downloaded only from ledger.com. Change all passwords used on the fake site and enable two-factor authentication where available. Report the incident to Ledger support and consider informing your email provider of a potential phishing campaign targeting you.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4336b79f-8e34-438a-bd2b-1fba4696ac85
- PhishDestroy: https://phishdestroy.io/domain/ledger-li-ve-desk-top-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-li-ve-desk-top-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-li-ve-desk-top-us.pages.dev/
Last updated: 2026-04-13