# ledgerlivee-dskktop.pages.dev — SUSPICIOUS

> Fake LedgerLivee-dskktop.pages.dev site spreads Chrome “Update Required” malware dropper; 0/95 VirusTotal detections so far.

## Summary
PhishDestroy identifies a currently active brand-impersonation campaign using the domain ledgerlivee-dskktop.pages.dev to deliver a malicious Chrome “Update Required” dropper disguised as the legitimate Ledger Live desktop application installer.

Technical indicators confirm this threat: VirusTotal returns 0 detections out of 95 engines as of the latest scan, the domain is registered through Cloudflare, Inc. and resolves to IP 172.66.44.199, while the SSL certificate is issued by Google Trust Services. The page was created within the last 30 days and has not yet been flagged by Google Safe Browsing or any major blocklists, giving it a clean outward appearance despite its malicious intent.

Current status remains active and under_investigation by PhishDestroy’s threat team. Ledger has been notified and the domain has been submitted to multiple blocklists (presently 0 blocklists list the domain, indicating low coverage). Until widespread blocking is achieved, users who access or encounter ledgerlivee-dskktop.pages.dev should immediately close the browser tab, run a full antivirus scan, revoke any browser permission prompts that may have been granted, and avoid storing or transacting crypto assets until their device is verified clean. Residual risk remains HIGH due to the absence of detections and blocklist coverage, so vigilance and rapid offline verification of Ledger software versions are recommended.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.199

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/ledgerlivee-dskktop.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/ledgerlivee-dskktop.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerlivee-dskktop.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlivee-dskktop.pages.dev/
Last updated: 2026-04-03