Disallow: /security-research? Crypto Phishing Sites' Failed Attempt to Block Investigators

*Executive Summary:* Censys discovered a phishing campaign impersonating Ledger and Trezor hardware wallet sites by searching for an unusual robots.txt entry (Disallow:/add_web_phish.php), finding over 60 spoofed pages—mostly hosted on free static-site platforms (Cloudflare Pages) and linked to GitHub repositories with similar artifacts and misconfigured READMEs; the campaign appears low in technical sophistication but poses direct financial risk to unsuspecting cryptocurrency users and includes actionable indicators (hostnames, robots.txt pattern, repository traces) for detection and takedown.