# lledger-live.pages.dev — MALICIOUS

> PhishDestroy identifies lledger-live.pages.dev as a Ledger brand impersonation phishing site. 12/95 VirusTotal detections reported. Check the full report.

## Summary
PhishDestroy identifies lledger-live.pages.dev as a live brand impersonation phishing site impersonating the Ledger cryptocurrency wallet ecosystem. This malicious domain (pages.dev subdomain) lures users with a counterfeit Ledger Live interface to harvest private keys, seed phrases, and login credentials. The page mirrors official Ledger branding and UI flows, increasing the risk of credential theft and cryptocurrency theft for unsuspecting visitors.  This domain was flagged by 12 out of 95 VirusTotal security vendors within hours of activation. It was registered through Cloudflare, Inc., resolving to IP 172.66.46.210, and secured with a Google Trust Services SSL certificate to appear legitimate. The combination of a deceptive subdomain, high-risk hosting via Cloudflare Pages, and partial detection coverage highlights its elevated threat level.  Users who accessed lledger-live.pages.dev should immediately revoke any entered credentials, disconnect associated wallets, and scan devices for malware. Do not enter seed phrases or private keys on this site. Report any interaction to Ledger’s official fraud channels and block the domain at the network level. If funds were exposed, contact your exchange or wallet provider and file incident reports with local cybercrime units.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.210

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/lledger-live.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/lledger-live.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/lledger-live.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lledger-live.pages.dev/
Last updated: 2026-04-02