Nearly $600,000 in Bitcoin Stolen Through Fake Ledger Live App on Microsoft's Platform

 

A digital theif carrying money

In a concerning revelation, cryptocurrency watchdog ZachXBT has identified a fraudulent scheme involving a counterfeit Ledger Live application on Microsoft's app store, leading to the theft of nearly $600,000 in Bitcoin. The deceptive app, named "Ledger Live Web3," was found to be masquerading as the legitimate interface for Ledger's hardware wallets, which are designed to securely store cryptocurrency in an offline environment.

The fraud was meticulously executed, resulting in the accumulation of approximately 16.8 BTC, equivalent to $588,000, by the scammers through 38 transactions directed to the wallet address "bc1q…y64q," as per Blockchain.com's data. Interestingly, the scammers have already transferred about $115,200 out of their ill-gotten gains, leaving them with a balance of roughly $473,800 or 13.5 BTC.

ZachXBT, in a follow-up disclosure, suggested that Microsoft might have taken action to eliminate the phony Ledger Live application from its store. The earliest transaction recorded to the scammer's Bitcoin address was on October 24, amounting to $5,210, marking the wallet's initiation for this fraudulent activity. Notably, a spike in transactions was observed starting November 2, with the heftiest single transfer being $81,200 on November 4.

An investigation by Cointelegraph revealed that this spurious "Ledger Live Web3" app surfaced on Microsoft’s app store as early as October 19. Adding to the concern, ZachXBT mentioned receiving messages from two victims on November 4 and expressed the opinion that Microsoft bears a degree of responsibility for the presence of the fake app on its platform.

This incident is not the first instance of a counterfeit Ledger Live app infiltrating Microsoft's app store; Ledger's support channel on X (formerly known as Twitter) had previously alerted users about similar scams in December and March.

While Ledger has not yet issued a statement regarding this latest scam, the company consistently advises its customers that the "only safe place" to download the Ledger Live application is directly from its official website.

At the time of reporting, Cointelegraph's request for a statement from Microsoft remained unanswered, leaving questions about how such a deceptive application could breach the tech giant's defenses and the measures being taken to prevent future occurrences.

Post a Comment

أحدث أقدم