# lidgeirlivewallet.webflow.io — MALICIOUS

> lidgeirlivewallet.webflow.io identified as Ledger brand impersonation crypto drainer, flagged by 19 of 95 VirusTotal vendors. Act now.

## Summary
lidgeirlivewallet.webflow.io has been confirmed as an active brand impersonation scam site targeting Ledger users. This domain is currently engaged in malicious activities designed to deceive visitors into revealing sensitive wallet credentials or transferring cryptocurrency to attacker-controlled addresses. The campaign exploits the reputation of the legitimate Ledger brand to establish trust and increase the likelihood of successful victim engagement.  lidgeirlivewallet.webflow.io was flagged by 19 of 95 VirusTotal security vendors, indicating significant malicious detection. The domain resolves to IP address 104.18.36.248 and utilizes an SSL certificate issued by Google Trust Services, which may be leveraged to appear legitimate. The domain is hosted on Webflow’s platform, suggesting potential abuse of reputable infrastructure to enhance credibility. While specific registrar and creation date details are not provided in available intelligence, the high detection rate and active status highlight an elevated threat level. The presence of an SSL certificate from a trusted authority increases the risk of user deception.  The current status of lidgeirlivewallet.webflow.io is active, with no evidence of takedown. Concrete recommendations include blocking the domain at the network and DNS levels, updating browser and security tool blocklists to include this indicator, and warning Ledger users to verify all URLs before interacting. Additionally, users should enable multi-factor authentication on all cryptocurrency accounts and avoid entering sensitive information into web forms unless absolutely certain of legitimacy. Security teams are advised to monitor for related domains and IPs, particularly those mimicking Ledger branding, and to deploy network-level protections to prevent access. Immediate remediation is strongly advised due to the elevated risk of financial loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/26b7ddb1-edde-4034-a3e0-04ab9d235114
- PhishDestroy: https://phishdestroy.io/domain/lidgeirlivewallet.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/lidgeirlivewallet.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lidgeirlivewallet.webflow.io/
Last updated: 2026-04-01