Counterfeit Ledger Application Scams Crypto Users Out of Over $760K on Microsoft App Store
Based on a report from on-chain analyst ZachXBT, a group of hackers stole $767,000+ after users downloaded a fake Ledger Live application published by the scammers to the Microsoft App Store (Canada) and used it for crypto transactions.
The hackers stole over 16.8+ bitcoins (equivalent to $626,295 as of November 2023).
Hackers Steal Over $760,000 in Canada BTC Via Fake Ledger App on Microsoft Store
A fake Ledger Live application was uploaded to the Microsoft App Store on Saturday, based on a report by ZachXBT on X (formerly Twitter).
Ledger creates hardware wallets for cryptocurrencies and offers the Ledger Live app for users to set up their wallets and manage their digital assets.
Following the attack, Microsoft removed the fake application from its app store, but users are still grappling with substantial losses.
ZachXBT Analyst Claims Fake Ledger App in a Report
On Saturday, on-chain analyst ZachXBT first posted on X (formerly Twitter) that hackers had made away with 16.8 Bitcoin — today worth is $626,295.
Since then, he added, over $180,000 in Ethereum and BNB Smart Chain has been stolen, bringing the total value of stolen crypto assets to $767,238.
ZachXBT reported that Microsoft has removed the false application from the store. Screenshots of the App Store entry and an error message indicating its removal were posted.
A similar thing happened to Trezor this year when a counterfeit app named “Trezor Wallet Suite” showed up on the Apple App Store, even though Trezor does not have an iOS application.
Microsoft App Store Canada: A Hotbed for Fake Ledger Application
Ledger’s support team alerted the X (formerly Twitter) community to the fake Ledger application.
“Hey, Ledger users. Beware of fake Ledger Live apps published on the Microsoft Store. The only safe place to download Ledger Live is on our website. Ledger will NEVER request your 24-word recovery phrase. Stay safe.”
Ledger further explained that the company also alerted Microsoft and the community.
Unfortunately, many had already been scammed before the fake app was removed from the Microsoft App Store Canada. ZachXBT tweeted about two of his followers who had been scammed via the live app.
ZachXBT tweeted about two of his followers who had been scammed via the fake app.
Another follower tweeted, “I was a victim, lost about $26,500. Mostly BTC but also ETH, sol, Matic & DOGE. Just bought Windows 11 and upgraded, so I had to download Ledger again after the installation. Found it in the new Microsoft Store, I thought was trustworthy & fell for the scam. All savings are gone.”
On June 20, 2023, Managing Partner at Crypto Lawyers, Rafael Yakobi, posted a security alert regarding Apple’s App Store. Yakobi reported that the first result in a search for Trezor was a malicious app designed to steal cryptocurrency.
He warned Apple users that the fake “Trezor Wallet Suite” application will “request your seed phrase, allowing its operators to steal all of your crypto.
Unfortunately, the fake app had claimed a victim. It inadvertently resulted in the loss of his entire BTC savings. The scammers stole about 17.1 bitcoins, a significant amount in Canada BTC currency.
Over the years, app stores run by Microsoft, Apple, and Google have allowed many fake apps to appear on their platforms. These imposter apps pretend to be legitimate software, but there hasn’t been a thorough process to check if they’re actually real.
These applications are often designed to phish for a user’s seed phrase or login details to steal their money.
Vigilance is key when checking the legitimacy of an app. This includes checking for typos, inconsistent icons or explanations, and the developer’s contact details.
Instead of visiting app stores, it’s always best to go directly to the developers’ website to install any app. The website will redirect you to the genuine app on the app store to avoid being hacked by a fake.