# officialpage-leger-io.framer.media — MALICIOUS > officialpage-leger-io.framer.media is a crypto drainer scam impersonating Ledger. VirusTotal flags it: 14 of 95 vendors. Verify on PhishDestroy. ## Summary PhishDestroy identifies officialpage-leger-io.framer.media as an active crypto drainer scam impersonating the Ledger hardware wallet brand. This fraudulent site is currently operational and poses an elevated risk to cryptocurrency users who may unknowingly connect their wallets, leading to unauthorized fund transfers. The domain is engineered to mimic official Ledger support pages, tricking users into entering sensitive wallet recovery phrases or approving malicious transactions. This domain was flagged by 14 of 95 VirusTotal security vendors, confirming its malicious nature. It resolves to IP address 31.43.161.6 and utilizes a Let’s Encrypt SSL certificate for spoofed legitimacy. The infrastructure suggests recent deployment, though specific creation or registration details remain unverified in public databases. This site has not yet been widely blocklisted, as evidenced by its absence from major threat intelligence feeds beyond VirusTotal detections. Trust scores across security platforms are uniformly low, reinforcing its classification as a high-risk domain designed for financial exploitation. Users are strongly advised to avoid interacting with officialpage-leger-io.framer.media and to verify any Ledger-related URL through official channels. Cryptocurrency holders should enable wallet app verification features and revoke suspicious contract permissions immediately. If exposure occurs, transfer assets to a secure wallet, reset device firmware, and report the incident to Ledger support and relevant financial authorities. PhishDestroy urges vigilance against crypto drainer scams leveraging brand impersonation via rapidly deployed domains. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 31.43.161.6 ## Detection Status - VirusTotal: 14 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/officialpage-leger-io.framer.media - PhishDestroy: https://phishdestroy.io/domain/officialpage-leger-io.framer.media/ - LLM endpoint: https://phishdestroy.io/domain/officialpage-leger-io.framer.media/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/officialpage-leger-io.framer.media/ Last updated: 2026-04-09