# ledgerlivedesktop-sso.pages.dev — SUSPICIOUS

> PhishDestroy identifies ledgerlivedesktop-sso.pages.dev as a brand impersonation site mimicking Ledger with 0/95 VirusTotal detections.

## Summary
PhishDestroy has flagged the domain ledgerlivedesktop-sso.pages.dev as an active brand impersonation site targeting Ledger users. This fraudulent page masquerades as the official Ledger Live Desktop Single Sign-On portal to harvest cryptocurrency wallet credentials and seed phrases. Threat actors leverage the trusted Ledger brand to deceive victims into entering sensitive login information, which is then exfiltrated to attacker-controlled servers for unauthorized account access and fund theft.  This domain was flagged under seed 257b92 and shows concerning technical indicators: it currently returns 0 detections out of 95 on VirusTotal, indicating it remains undetected by most antivirus engines as of the latest scan. Registered through Cloudflare, Inc., the domain resolves to IP address 172.66.47.71 and holds a valid SSL certificate issued by Google Trust Services, enhancing its appearance of legitimacy. While the exact creation date is not publicly disclosed, the site’s recent activation and low detection rate suggest it is part of a rapidly evolving campaign.  Users who visited ledgerlivedesktop-sso.pages.dev should immediately disconnect from the internet, clear browser cache and cookies, and perform a full antivirus scan. Do not log in or enter any credentials on this domain. If credentials were entered, revoke access via the official Ledger account dashboard, enable two-factor authentication, and transfer assets to a new wallet using a verified device. Report the incident to Ledger support and monitor accounts for unauthorized transactions. Always access Ledger services via the official website at ledger.com.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.71

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/ledgerlivedesktop-sso.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/ledgerlivedesktop-sso.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerlivedesktop-sso.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlivedesktop-sso.pages.dev/
Last updated: 2026-04-04