# ledgerlive-desktop-people.pages.dev — SUSPICIOUS > A crypto drainer impersonating Ledger on ledgerlive-desktop-people.pages.dev is active with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies a crypto drainer masquerading as the official LedgerLive Desktop application on the domain ledgerlive-desktop-people.pages.dev. This malicious site mimics Ledger’s branding to trick users into downloading a counterfeit installer that drains crypto wallets upon execution. The threat actor leverages a legitimate Cloudflare-hosted page to distribute a malicious payload, bypassing initial detection with a clean 0/95 VirusTotal score at the time of analysis. This domain was flagged by PhishDestroy with the following technical indicators: SSL certificate issued by Google Trust Services, domain registration through Cloudflare, Inc., and resolution to IP address 188.114.97.3. The domain remains unlisted on major blocklists as of the latest check. While the creation date is unverified, the active status indicates ongoing abuse. Users should treat this domain with extreme caution, as it poses a direct risk to cryptocurrency holdings. If you have visited ledgerlive-desktop-people.pages.dev or downloaded any files from the page, immediately disconnect from the internet, scan your device with reputable antivirus software, and review wallet transactions for unauthorized activity. Do not enter any sensitive information or transfer funds from wallets accessed on this domain. Report the incident to PhishDestroy for further analysis and blocklist updates to protect others from this threat. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/ledgerlive-desktop-people.pages.dev - PhishDestroy: https://phishdestroy.io/domain/ledgerlive-desktop-people.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledgerlive-desktop-people.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlive-desktop-people.pages.dev/ Last updated: 2026-04-04