A security breach happened recently. Cybercriminals stole almost $600,000 in Bitcoin (BTC). Unsuspecting users downloaded a fake Ledger Live application from Microsoft’s app store. The fraudulent app was labeled as “Ledger Live Web3.” On November 5, cryptocurrency analyst ZachXBT discovered it. It masqueraded as the legitimate “Ledger Live” application. Furthermore, this app serves as a user interface for Ledger hardware wallets. Also, it enables users to securely store their cryptocurrency offline.
The Sophisticated Scam
The scam was executed with a high level of sophistication, luring users into believing they were installing a genuine Ledger Live application for managing their cryptocurrency holdings. As a result, users unknowingly downloaded the malicious app, exposing their valuable digital assets to cyber criminals.
The fraudulent app managed to siphon off approximately 16.8 BTC, equivalent to $588,000, in 38 separate transactions. These illicit transfers ranged in size, with the largest single transaction amounting to $81,200. However, the scammer wasn’t content with just receiving these stolen funds. They conducted two transactions that sent out about $115,200, leaving them in possession of $473,800 or 13.5 BTC.
Ledger’s Prior Warnings
Ledger, the hardware wallet manufacturer, and cryptocurrency wallet provider, has had to address fraudulent activities before. About a year ago, Ledger Support warned users about scams on its official Twitter account, even sharing an image of a fake Ledger Live Web interface.
To fight these scams, Ledger reported them to Microsoft and collaborated on preventing future instances. In that case, The Ledger team believes that scammers created the fake app and listed it on the Microsoft Store to exploit unsuspecting users.
What to Do If You Suspect a Scam
If you suspect that you have downloaded a fraudulent cryptocurrency application or have fallen victim to a scam, it is essential to take immediate action to protect your assets and report the incident. The following steps can help:
- Stop using the application: Cease any further interaction with the suspicious app to prevent additional harm.
- Secure your assets: If you have transferred any cryptocurrencies through the app, consider moving them to a more secure wallet or freezing the associated accounts.
- Report to the platform: Inform the platform or app store where you downloaded the application and provide them with the necessary details. This can help them take appropriate measures and potentially remove the scam app.
- Report to authorities: In severe cases, involving law enforcement or relevant authorities may be necessary.
Cryptocurrencies are fast-paced. To protect your digital assets from evolving threats and scams, vigilance and staying informed are important. Malicious actors are constantly finding new ways to exploit unsuspecting users. The fake Ledger Live app incident serves as a reminder of this fact. Therefore, it’s crucial to remain cautious and take necessary actions.