# ledger-live-cloud-desktop.pages.dev — SUSPICIOUS

> ledger-live-cloud-desktop.pages.dev is a Ledger-branded cryptocurrency drainer. 2 of 95 VirusTotal engines flag the domain. Verify via PhishDestroy before use.

## Summary
PhishDestroy identifies ledger-live-cloud-desktop.pages.dev as an active impersonation domain that specifically mimics Ledger’s Live Cloud Desktop to deploy a cryptocurrency-draining payload. The risk level is elevated due to both the high-fidelity brand replication and the presence of a live drainer on the page. This campaign targets holders of Ledger hardware wallets, attempting to trick users into connecting their devices to a malicious interface that siphons private keys or signs rogue transactions.

This domain was flagged with 2 out of 95 VirusTotal security vendors detecting the threat at the time of analysis. It is registered via Cloudflare, Inc., resolves to IP 172.66.47.82, and is covered by a Google Trust Services SSL certificate. The landing page leverages Cloudflare Pages hosting, making it immediately accessible and fast-changing. The domain shows no prior inclusion on major blocklists such as PhishTank or OpenPhish at detection time, indicating a recently spun-up operation using cloud infrastructure to evade traditional blocklists. Static WHOIS data places the creation date within the last 30 days, aligning with observed campaign patterns of short-lived crypto-drainer domains.

Users should immediately cease interaction with ledger-live-cloud-desktop.pages.dev and verify all Ledger-related links via the official Ledger Live application or verified website. Never download or connect wallet software through third-party cloud links. Enable passphrase protection on your Ledger device, verify recipient addresses on-screen before signing, and monitor transaction approvals via the device’s display. Report the domain to PhishDestroy and your security team for rapid takedown and community protection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.82

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e0af3973-ba75-440e-8f0c-a435b26ea839
- PhishDestroy: https://phishdestroy.io/domain/ledger-live-cloud-desktop.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-live-cloud-desktop.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-live-cloud-desktop.pages.dev/
Last updated: 2026-03-22