0

    Fake Ledger Live app sneaks into Microsoft's app store, $588K stolen

    2023.11.05 | exchangesranking | 807onlookers
    8081b7b6>

    Almost $600,000 in Bitcoin (BTC) has been stolen from users who downloaded a fake Ledger Live application on Microsoft’s app store, according to cryptocurrency sleuth ZachXBT.

    The on-chain analyst spotted the scam, “Ledger Live Web3” on Nov. 5, which is tricking users into thinking that they’re downloading “Ledger Live” — a user interface for Ledger hardware wallets to store cryptocurrency offline.

    Approximately 16.8 BTC worth $588,000 has been received by the scammer across 38 transactions using wallet address, “bc1q….y64q,” according to Blockchain.com. About $115,200 has left the scammer’s wallet across two transactions, leaving it with $473,800 or 13.5 BTC.

    In a follow up post, ZachXBT noted that Microsoft may have removed the fake Ledger Live app from its platform.

    The first transaction sent to the scammer’s wallet address took place on Oct. 24, worth $5,210. Prior to that, the wallet hadn’t been used. Most of these transactions have taken place since Nov. 2, with the largest transfer totaling $81,200 on Nov. 4.

    A search by Cointelegraph found the fake “Ledger Live Web3” application appeared in Microsoft’s app store as early as Oct. 19.

    The fake “Ledger Live Web3” app on Microsoft Apps. Source: Microsoft

    ZachXBT said they have received two messages from victims on Nov. 4 and even argued that Microsoft “should be held liable” for allowing the fake Ledger Live app to appear in its app store.

    Related: Ledger hardware wallet rolls out cloud-based private key recovery tool

    It isn’t the first time a fake Ledger Live app has made its way into Microsoft’s app store either.

    Ledger’s support account on X (formerly Twitter) informed its users about a fake Ledger Live app on two separate occasions in December and March.

    Ledger hasn’t commented on the scam but has previously iterated to users that the "only safe place" to download Ledger Live is from its website, ledger.com.

    Cointelegraph reached out to Microsoft for comment but did not receive an immediate response.

    Magazine: ‘Account abstraction’ supercharges Ethereum wallets: Dummies guide

    The content on this website comes from the Internet. Due to the inconvenience of proofreading the authenticity and accuracy of the copyright or content of some content, it may be temporarily impossible to confirm the authenticity and accuracy of the copyright or content. For copyright issues or other ssues caused by this, please Call or email this site. It will be deleted or changed immediately after verification.