In a startling incident in the Bitcoin world, a fake Ledger Live application managed to infiltrate the Microsoft App Store, resulting in the theft of 16.8 BTC. The cunning scammer tricked users by stealing a staggering $588,000 and left the community shaken. Several analysts are sharing their investigations and findings on social media.
Fake Ledger Tricked Users With 16.8 BTC
On November 5, the story began when users searching for the official Ledger Live application on the Microsoft Store stumbled upon a fake version named “Ledger Live Web3.”
The notorious elements designed this deceptive app to mimic the legitimate Ledger Live app, a trusted user interface for Ledger hardware wallets, enabling users to securely store their bitcoin on the Ledger hardware wallets. Unknown to users, this imitation led to a major financial theft.
On November 5, blockchain researcher and investigator ZachXBT first detected the malicious app, posting a “Community Alert” on X. He mentioned the scammer’s address, “bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q,” stating:
“There is currently a fake Ledger Live app on the official Microsoft App Store, which resulted in 16.8 BTC ($588K) stolen.”
The first transaction to the scammer’s wallet, amounting to $5,210, was recorded on October 24. Prior to this, the wallet had remained empty. Notably, the majority of the theft took place after November 2, with the most substantial transfer, worth around $81,200, occurring on November 4.
Related reading: Getting Started In Bitcoin: Easy Bitcoin Wallets For Beginners
Microsoft Store Takes Down Fake Ledger Live Application
ZachXBT reported that he received two messages from victims on November 4, raising concerns about the incident. In addition, he stated that Microsoft should be held accountable for allowing the fake Ledger Live application to be available on its app store for Windows. Interestingly, Microsoft has responded to the news by taking down the fake Ledger Live application from its store for Windows.
The recently lost $588k serves as a stark reminder of the risks associated with the digital asset space. Users are urged to exercise caution and vigilance when downloading and using Bitcoin-related applications, especially from sources outside of the official platforms.
This is not the first instance of a fake Ledger Live application making its way into the Microsoft Store. In the past, Ledger, the company behind Ledger Live, has consistently warned its users about fake Ledger Live apps in December and March. It emphasized that the “only safe place” to download their ledger hardware wallets is from their official website, ledger.com.
This incident highlights the responsibility of platform providers to safeguard users from fraudulent applications. It serves as a reminder of the challenges of maintaining the security and integrity of app marketplaces.