- Fake Ledger Live app sneaks into Microsoft’s app store, $588K stolen
- The $588,000 was stolen across 38 transactions, with the largest transfer totaling $81,200.
According to cryptocurrency detective ZachXBT, nearly $600,000 in Bitcoin was stolen from consumers who downloaded a bogus Ledger Live software from Microsoft’s app store.
Community Alert: There is currently a fake @Ledger Live app on the official @Microsoft App Store which was resulted in 16.8+ BTC ($588K) stolen
Scammer address
bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q pic.twitter.com/rOZ0ZWRWbn— ZachXBT (@zachxbt) November 5, 2023
On Nov. 5, an on-chain analyst discovered the scam “Ledger Live Web3,” which dupes users into thinking they’re installing “Ledger Live” — a user interface for Ledger hardware wallets to store cryptocurrency offline.
According to Blockchain.com, the fraudster collected about 16.8 BTC worth $588,000 via 38 transactions using the wallet address “bc1q….y64q.” The scammer’s wallet has lost almost $115,200 in two transactions, leaving it with $473,800 or 13.5 BTC.
ZachXBT mentioned in a follow-up post that Microsoft may have removed the bogus Ledger Live app from its platform.
Update: Looks like Microsoft finally removed the fake Ledger Live app pic.twitter.com/LFB519Nekq
— ZachXBT (@zachxbt) November 5, 2023
On October 24, a $5,210 transaction was sent to the scammer’s wallet address. The wallet had never been used before. The majority of these transfers have occurred since November 2, with the largest transfer costing $81,200 on November 4.
Read Also: A Uniswap User Lost $700,000 to an MEV Bot — But it Only Made $260
Bitcoinworld discovered the fake “Ledger Live Web3” application in Microsoft’s app store as early as October 19th.
On November 4, ZachXBT said he got two messages from victims and even argued that Microsoft “should be held liable” for letting the fraudulent Ledger Live software to appear in its app store.
Wow that’s insane 🙁
— Zain 🕺 (@zaingaziani) November 5, 2023
It’s not the first time a fake Ledger Live app has appeared in Microsoft’s app store.
On two consecutive occasions in December and March, Ledger’s support account on X (previously Twitter) notified its users about a fraudulent Ledger Live app.
🚨 Hey #ledger users
Beware of fake Ledger Live apps published on the Microsoft Store👀
The only safe place to download Ledger Live is on our website👇https://t.co/cDLX1rEWPf
Ledger will NEVER ask you for your 24-word recovery phrase ❌
Stay safe 🙏 pic.twitter.com/0dXTJ7FeuO
— Ledger Support (@Ledger_Support) December 26, 2022
Ledger has not responded to the scam, but has previously advised customers that the “only safe place” to download Ledger Live is from its website, ledger.com.
Bitcoinworld tried to reach out to any Microsoft representative for comment, but did not receive any response right away.
Source: https://bitcoinworld.co.in/fake-ledger-live-application-steals-588k-from-microsoft-store/