Skip to content

Phishing | app.ledger-lives-desktop.io #2178

Description

@abaev020-svg

What are the subjects of the phishing (domains, URLs or IPs)?

https://ledger-lives-desktop.io
https://app.ledger-lives-desktop.io

What are the impersonated domains?

  • https://ledger.com
  • https://www.ledger.com
  • https://www.ledger.com/ledger-live
  • https://www.ledger.com/start
  • https://support.ledger.com
  • https://www.ledger.com/academy

Where or how did you discover this phishing?

I discovered this phishing website through search engine results while investigating cryptocurrency phishing campaigns targeting Ledger users.

The phishing pages impersonate the official Ledger website and Ledger Live application, use the Ledger trademark and branding, and attempt to deceive users into connecting their wallets and revealing their 24-word recovery phrase (seed phrase), resulting in cryptocurrency theft.

Do you have a screenshot?

Image Image
Screenshot

Related external source

https://urlscan.io/result/...
https://www.virustotal.com/gui/url/...
https://github.com/scamsniffer/scam-database/issues/...

Additional Information or Context

The phishing campaign uses multiple domains and subdomains impersonating the official Ledger brand and Ledger Live application.

The websites copy the official Ledger interface, including the device selection page, and abuse the Ledger trademark to deceive cryptocurrency users.

The phishing pages are designed to trick victims into connecting their wallets and revealing their 24-word recovery phrase (seed phrase), resulting in cryptocurrency theft.

Please investigate and add all associated URLs to the phishing database.

Metadata

Metadata

Labels

phishing-reportA Phishing report that has to be verified.

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
🆕 New

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions