Best crypto insights delivered straight to your inbox.
Fraudulent ledger live app siphons $588,000 via Microsoft’s store
Fraudulent
- Fake Ledger Live app scams Microsoft’s users for $588,000 in Bitcoin.
- Lack of app store scrutiny raises concerns over user security.
- Protecting your cryptocurrency investments is paramount; verify app sources.
In a recent incident, nearly $600,000 worth of Bitcoin (BTC) was stolen from unsuspecting users who downloaded a fraudulent Ledger Live application from Microsoft’s app store. The fraudulent app, named “Ledger Live Web3,” duped users into believing they were downloading the legitimate “Ledger Live” interface, which is designed for Ledger hardware wallets used to securely store cryptocurrency offline.
Cryptocurrency sleuth ZachXBT uncovered the scam in November promptly alerting the community to the malicious app. It managed to deceive users into downloading it, resulting in the theft of approximately 16.8 BTC, valued at $588,000. These ill-gotten gains were acquired through 38 transactions using the wallet address “bc1q….y64q,” as per data obtained from Blockchain.com. About $115,200 was subsequently transferred out of the scammer’s wallet through two transactions, leaving them with a balance of $473,800 or 13.5 BTC.
Microsoft’s App Store security raises concerns about Live App scam
The first transaction made to the scammer’s wallet occurred on October 24th, amounting to $5,210. Before this, the wallet had remained dormant. Most of the fraudulent transactions took place after November 2nd, with the largest single transfer being a staggering $81,200 on November 4th.
ZachXBT, who brought the scam to light, received messages from victims on November 4th and raised concerns about Microsoft’s role in allowing the fake Ledger Live app to appear in its app store. Some argue that Microsoft should be held liable for not providing adequate safeguards against such fraudulent apps. It is worth noting that this is not the first time a fake Ledger Live app has infiltrated Microsoft’s app store, as similar incidents occurred in December and March, prompting warnings from Ledger’s support account on social media.
While Ledger has not yet commented on this specific scam, the company has consistently emphasized to its users that the “only safe place” to download the legitimate Ledger Live application is from its official website, ledger.com. This highlights the importance of verifying the source of cryptocurrency-related applications and exercising caution while downloading from third-party platforms.
Although not officially confirmed, there are indications that Microsoft may have removed the fake Ledger Live app from its platform following reports of the scam. However, questions remain about the level of scrutiny and security measures applied by Microsoft to prevent such incidents from occurring in the first place.
Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.
Disclaimer:Â The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision
Edward Hopelane
Edward Hopelane is a certified content specialist and a business developer. He enjoys writing about emerging technologies such as Blockchain, Crypto/NFTs, Web3, Metaverse, Artificial Intelligence, UI/UX, and whatnot. With vast experience in blockchain, he has turned complex web 3 topics to simple blog posts.
CRASH COURSE
- Which cryptocurrencies can make you money
- How to boost your security with a wallet (and which ones are actually worth using)
- Little-known investment strategies that the pros use
- How to get started investing in crypto (which exchanges to use, the best crypto to buy etc)