Approximately $600,000 in Bitcoin (BTC) was stolen from users who downloaded a fake Ledger Live application from Microsoft’s app store. according to To the cryptocurrency detective ZachXBT.
On-chain analysts discovered a scam called “Ledger Live Web3” on November 5th. This tricks users into thinking they are downloading Ledger Live, a user interface for Ledger hardware wallets for storing cryptocurrencies offline.
The scammer received approximately 16.8 BTC worth $588,000 in 38 transactions using the wallet address “bc1q….y64q.” according to Go to Blockchain.com. Approximately $115,200 was drained from his two transactions in the scammer’s wallet, leaving him with $473,800 or his 13.5 BTC.
Community Alert: Fake items currently exist. @ledger Official live app @Microsoft Over 16.8 BTC ($588,000) stolen from App Store
scammer’s address
bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q pic.twitter.com/rOZ0ZWRWbn— Zach XBT (@zachxbt) November 5, 2023
In a follow-up post, ZachXBT I got it. Microsoft may have removed the fake Ledger Live app from its platform.
The first transaction sent to the scammer’s wallet address took place on October 24th and was worth $5,210. Until then, wallets were not used. Most of these transactions took place after Nov. 2, with the largest transfer totaling $81,200 on Nov. 4.
A search by Cointelegraph revealed that a fake Ledger Live Web3 application appeared on Microsoft’s app store on October 19th.
ZachXBT said he received two messages from victims on November 4th, even claiming that Microsoft “should be held responsible” for allowing the fake Ledger Live app to appear on the app store.
Sadly, I received two messages about this today from victims. It appears that within a matter of minutes another person lost their funds. pic.twitter.com/yYPbizltN5
— Zach XBT (@zachxbt) November 5, 2023
Related: Ledger Hardware Wallet rolls out cloud-based private key recovery tool
This isn’t the first time a fake Ledger Live app has infiltrated Microsoft’s app store.
The Ledger support account on X (formerly Twitter) notified users about the fake Ledger Live app on two separate occasions, in December and March.
Hey #ledger user
Beware of fake Ledger Live apps on the Microsoft Store
The only safe place to download Ledger Live is our websitehttps://t.co/cDLX1rEWPf
Ledger will never ask you for your 24-word recovery phrase ❌
Take care pic.twitter.com/0dXTJ7FeuO
— Ledger Support (@Ledger_Support) December 26, 2022
Ledger has not commented on the scam, but has previously reiterated to users that the “only safe place” to download Ledger Live is from its website, ledger.com.
Cointelegraph reached out to Microsoft for comment, but did not immediately receive a response.
magazine: “Account abstraction” greatly enhances Ethereum wallets: A guide for dummies
