Fake Ledger Live App on Microsoft Store Siphons Thousands

Fake Ledger Live App on Microsoft Store Siphons Half a Million in BTC

Written by Gile K.,

Market Sentiment Analyst

Last Updated: November 06, 2023

Key Takeaways

A counterfeit Ledger Live app named "Ledger Live Web3" appeared in the Microsoft Store, scamming users.
On-chain investigator ZachXBT identified the scam, which accumulated about $588,000 from deceived users.
The fake app had been in the Microsoft Store since at least October 19th, and significant transaction activities spiked after November 2nd.

The crypto community was recently alerted about a scam where unsuspecting users were deceived into downloading a counterfeit Ledger Live app from the Microsoft Store, leading to a substantial theft.

On-chain detective ZachXBT unveiled the deceptive application named "Ledger Live Web3" on November 5th.

What is a DAO in Crypto? (Animated Explanation)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

The fake application misled individuals by imitating the legitimate "Ledger Live" platform, a renowned interface for Ledger hardware wallets designed to securely store digital assets.

According to data from Blockchain.com, the hackers accumulated roughly 16.8 Bitcoin (BTC), equivalent to about $588,000, through 38 separate transactions to the Bitcoin wallet address "bc1q….y64q."

Subsequent movements showed an outflow of around $115,200 via two transactions, leaving the scam wallet balance at approximately $473,800 or about 13.5 BTC.

In subsequent updates, ZachXBT indicated that Microsoft might have taken corrective action by removing the fake Ledger Live application.

Initial findings showed that malicious actors began their operation around October 24th, receiving a transaction worth $5,210. Before this, the wallet was empty. Notably, most of these transactions took place after November 2nd, with one hefty transaction amounting to $81,200 on November 4th.

Upon further investigation, it was discovered that this sham "Ledger Live Web3" application had been lurking in the Microsoft Store since at least October 19th.

Regarding the gravity of the situation, ZachXBT shared that affected individuals contacted him on November 4th. He claimed that Microsoft might be accountable for permitting such a deceptive application to reside in its store.

This incident isn't an isolated one. The Ledger's official support channel had previously cautioned its community about a similar scammy app twice, once in December and then in March.

While Ledger has not publicly addressed this latest scam, they have consistently emphasized to their user base that Ledger Live should only be sourced directly from their official website.