
Fake Ledger Live App: Microsoft Store Dupe Leads to $600K Loss and Important Lesson

Last Updated November 6, 2023 12:10 PM
Teuta Franjkovic

Key Takeaways

  • Users who downloaded a fraudulent Ledger Live app from Microsoft’s app store fell victim to a scam.
  • ZachXBT identified the fraudulent app known as “Ledger Live Web3.”
  • This is not the first occurrence of a fraudulent Ledger Live app infiltrating Microsoft’s app store.

The realm of “pig butchering” investment scams has extended to the sanctioned app platforms of Google and Apple.

According to cryptocurrency investigator ZachXBT, customers who downloaded a fraudulent Ledger Live app from Microsoft’s app store had about $600,000 in Bitcoin taken from them.

Microsoft Scammer Nets $600,000 in BTC

On November 5, the on-chain researcher discovered the fraud known as “Ledger Live Web3.” It deceives people into believing that they are installing “Ledger Live,” which is a user interface for offline cryptocurrency storage on Ledger hardware wallets.

The scammer has received over 16.8 BTC worth $588,00 across 38 transactions using the wallet address “bc1q.y64q,” according to Blockchain.com. After two transfers totaling about $115,200, the scammer’s wallet now has $473,800, or 13.5 BTC, in it.

ZachXBT mentioned in a follow-up post that Microsoft might have taken down the phoney Ledger Live app from its store.

On October 24, $5,210 went to the wallet address of the scammer. The wallet had not been used before that. The majority of these transactions have taken place since November 2, with the highest transfer on November 4 being $81,200.

It appears that on October 19, the phoney “Ledger Live Web3” application first surfaced in Microsoft’s app store.


ZachXBT even asserted that Microsoft “should be held liable” for permitting the fraudulent Ledger Live software to exist in its app store, claiming to have received two messages from victims on November 4.

Microsoft’s spokesperson told CCN the company has removed this application and “is continually working to ensure malicious content is identified and taken down quickly”.

A “Known” Offender

Additionally, this is not the first time a phoney Ledger Live app has entered Microsoft’s app store.

Two different times, in December and March, Ledger’s help account on X (previously Twitter) alerted users to the existence of a phoney Ledger Live app.

Ledger has not yet responded to the fraud, but in the past, it has reminded customers that downloading Ledger Live from its website, ledger.com, is the “only safe place.”

May this year saw the launch of the so-called Ledger Recover. The cryptocurrency industry fiercely opposed the new service, which lets users of the Ledger hardware wallet back up their secret recovery phrases. Co-founder and former CEO of Ledger, Éric Larchevêque, described Ledger’s detractors as “a total PR failure, but absolutely not a technical one.”

In response to growing worries from users across the globe, Larchevêque made a clarification post on Reddit, stating that Ledger was never a reliable solution:

“Some amount of trust must be placed into Ledger to use their product. If you don’t trust Ledger, meaning you treat your HW manufacturer as an adversary, that can’t work at all.”

AI Chat & Fake Investments Scams

According to Sophos’ findings, a portion of swindles involving fraudulent cryptocurrency investments have been targeting users of dating apps. These CryptoRom scammers have been perfecting their methods since May, with Sophos X-Ops noting the addition of an AI chat tool similar to ChatGPT in their arsenal.

Additionally, these fraudsters have broadened their coercive tactics, falsely claiming that victims’ cryptocurrency accounts were compromised and demanding larger upfront payments.

Researchers discovered seven phoney cryptocurrency investment apps in the legitimate Google Play and Apple App stores. The app shops appear to provide innocuous descriptions for these apps. When users launch the app, they are met with a phoney cryptocurrency trading interface.

Software developers use the same method that Sophos initially reported in February 2023 to get past the Apple App Store review procedure. They use authentic, everyday web content when they submit the app for approval. They then add code for the bogus interface to the server hosting the app after its authorisation and publication.

The same templates and descriptions appeared in many of these seven new apps. This indicates that the same ring or rings of pig butchers are behind the whole scam.

According to Sophos, the emergence of FinTech has made people’s faith in software tools more commonplace. This trust increases when consumers download programmes from the official Google and Apple shops.

The greatest defence is to learn about the software before downloading it, read user reviews, review the privacy statement, and confirm the developer/publisher and corporate information.
