# ledger-live-crypto-io.pages.dev — SUSPICIOUS > ledger-live-crypto-io.pages.dev is a fake Ledger Live crypto drainer. VirusTotal shows 0/95 detections. Verify on PhishDestroy and never share recovery phrases. ## Summary PhishDestroy identifies ledger-live-crypto-io.pages.dev as an active Ledger brand impersonation site designed to deceive users into connecting crypto wallets or entering private keys. This malicious domain masquerades as the official Ledger Live platform, pushing a crypto drainer that silently transfers assets upon wallet connection. The threat is classified as a high-risk impersonation scam due to its use of HTTPS via Google Trust Services and deployment on Cloudflare Pages, lending false legitimacy to the fraudulent interface. Technical analysis reveals this domain is freshly minted and lightly scanned: VirusTotal currently flags it with 0 detections out of 95 security engines, indicating it has evaded broad detection thus far. Registered through Cloudflare, Inc. and resolving to IP 172.66.44.114, the site exploits the .pages.dev subdomain to appear as part of a legitimate developer platform. While the SSL certificate issued by Google Trust Services suggests HTTPS encryption, this only authenticates the connection—not the content—making it a common tactic in phishing campaigns to gain user trust. The domain was created recently, lacks historical presence, and is not yet widely blocked across threat intelligence feeds. Users who have visited ledger-live-crypto-io.pages.dev should immediately assume exposure to a credential-stealing or wallet-draining attack. If a wallet was connected or private keys were entered, revoke all session permissions in the wallet’s app settings and transfer remaining funds to a new, isolated address. Never reuse recovery phrases or seed phrases across platforms. Report the domain to PhishDestroy and your wallet provider. Always access Ledger services only via the official website ledger.com or verified app stores. For full protection, enable hardware wallet verification and use transaction simulation tools before approving any transfers. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.114 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4dd82ad9-b695-4479-8fc9-c5a6fbc52d4a - PhishDestroy: https://phishdestroy.io/domain/ledger-live-crypto-io.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledger-live-crypto-io.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledger-live-crypto-io.pages.dev/ Last updated: 2026-03-22