Almost $600,000 in Bitcoin (BTC) has been stolen from customers who downloaded a pretend Ledger Live software on Microsoft’s app retailer, according to cryptocurrency sleuth ZachXBT.
The on-chain analyst noticed the rip-off, “Ledger Live Web3,” on Nov. 5, which is tricking customers into pondering that they’re downloading “Ledger Live” — a person interface for Ledger {hardware} wallets to retailer cryptocurrency offline.
Approximately 16.8 BTC price $588,000 has been acquired by the scammer throughout 38 transactions utilizing the pockets handle “bc1q….y64q,” according to Blockchain.com. About $115,200 has left the scammer’s pockets throughout two transactions, leaving it with $473,800 or 13.5 BTC.
Community Alert: There is at the moment a pretend @Ledger Live app on the official @Microsoft App Store which was resulted in 16.8+ BTC ($588K) stolen
Scammer handle
bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q pic.twitter.com/rOZ0ZWRWbn— ZachXBT (@zachxbt) November 5, 2023
In a follow-up submit, ZachXBT noted that Microsoft might have eliminated the pretend Ledger Live app from its platform.
The first transaction despatched to the scammer’s pockets handle occurred on Oct. 24 for $5,210. Before that, the pockets hadn’t been used. Most of those transactions have occurred since Nov. 2, with the most important switch totaling $81,200 on Nov. 4.
A search by Cointelegraph discovered the pretend “Ledger Live Web3” software appeared in Microsoft’s app retailer as early as Oct. 19.
ZachXBT stated he acquired two messages from victims on Nov. 4 and even argued that Microsoft “should be held liable” for permitting the pretend Ledger Live app to look in its app retailer.
Sadly acquired two messages about this from victims right now. Seems one other individual misplaced funds in simply previous few min. pic.twitter.com/yYPbizltN5
— ZachXBT (@zachxbt) November 5, 2023
Related: Ledger hardware wallet rolls out cloud-based private key recovery tool
It isn’t the primary time a pretend Ledger Live app has made its method into Microsoft’s app retailer both.
Ledger’s help account on X (previously Twitter) knowledgeable its customers a few pretend Ledger Live app on two separate events in December and March.
Hey #ledger customers
Beware of pretend Ledger Live apps revealed on the Microsoft Store
The solely protected place to obtain Ledger Live is on our web sitehttps://t.co/cDLX1rEWPf
Ledger will NEVER ask you on your 24-word restoration phrase ❌
Stay protected pic.twitter.com/0dXTJ7FeuO
— Ledger Support (@Ledger_Support) December 26, 2022
Ledger hasn’t commented on the rip-off however has beforehand iterated to customers that the “only safe place” to obtain Ledger Live is from its web site, ledger.com.
Cointelegraph reached out to Microsoft for remark however didn’t obtain a direct response.
Magazine: ‘Account abstraction’ supercharges Ethereum wallets: Dummies guide
