EN ES PT
Back to Stats

Visual Capture

Screenshot of ledgersecuritycheck.org

Detection Info

https://ledgersecuritycheck.org/
Detected Brand
Ledger
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
38a5334e-c7aโ€ฆ
Analyzed
2026-07-15 11:28
Final URL (after redirects)
https://www.ledgersecuritycheck.org/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T13BC15772C008EA2F436B8CDAF2B1E68F3217C757FF070560D29E52958BD2E85AD5D948
CONTENT ssdeep
48:T1ztXjIcIajTnjgznjzGBZyL0SCwLu7Axt42fyA4KEBo:TjXjJ/TjIj2ZyLPC7utraA4Kko

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
83463c39386fc7c6
VISUAL aHash
00007e3f3f7f071f
VISUAL dHash
ffffc4dce8dcfff7
VISUAL wHash
00007f1f3f7f031f
VISUAL colorHash
10006000040
VISUAL cropResistant
ffffc4dce8dcfff7

Code Analysis

Risk Score 25/100
Threat Level ALTO
โš ๏ธ Phishing Confirmed
Telegram Exfiltration

๐Ÿ“ก API Calls Detected

  • POST

๐Ÿ”‘ Telegram Bot Tokens (1)

  • 8915577688:AAHO...UKF4BS3M

๐Ÿ“Š Risk Score Breakdown

Total Risk Score
70/100

Contributing Factors

Telegram Exfiltration
Real-time data exfiltration via Telegram (1 bot token(s) exposed in client-side code)

๐Ÿ”ฌ Comprehensive Threat Analysis

Threat Type
Data Exfiltration Campaign
Target
Ledger users
Attack Method
Phishing webpage
Exfiltration Channel
Telegram Bot (8915577688:AAHOUaedW...)
Risk Assessment
LOW - Automated credential harvesting with Telegram Bot (8915577688:AAHOUaedW...)

โš ๏ธ Indicators of Compromise

  • 1 Telegram bot token(s)

๐Ÿข Brand Impersonation Analysis

Impersonated Brand
Ledger
Official Website
N/A
Fake Service
Account verification service

โš”๏ธ Attack Methodology

Primary Method: Brand Impersonation Redirect

Impersonates Ledger to build victim trust through search engine manipulation or malicious advertisements. Often redirects to credential theft pages or serves malware disguised as legitimate software.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

๐Ÿ“ก Telegram Command & Control Infrastructure

Bot Token (Masked)
8915577688:AAHO...UKF4BS3M
Bot ID
8915577688
Group/Chat ID
Unknown
Operator Language
Unknown

๐Ÿ’ฌ Message Templates (3)

ID Portuguese English Trigger

๐ŸŒ Infrastructure Indicators of Compromise

Domain Information

Domain
ledgersecuritycheck.org
Registered
2026-06-19 15:06:13+00:00
Registrar
eNom, LLC
Status
Recently registered (25 days old)

Hosting Information

Provider
eNom, LLC
ASN

๐Ÿค– AI-Extracted Threat Intelligence

๐Ÿ˜ฐ
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.