On November 5, an onchain analyst on X (formerly Twitter) under the nickname @zachxbt drew attention to a fake Ledger hardware wallet app that had been available for downloading in the Microsoft Store. The app was removed the same day. However, in less than a month, the attackers managed to steal approximately $768,000 worth of funds.
ZachXBT is known in the community for his researches. He was one of the first to point out that Tether froze $20 million in August, showed the most interesting loss of funds due to Buterin's X account hack in September, and warned that NFT collection from Impact Theory would attract the attention of regulators back in 2021.
How much money did users of the fake Ledger app on Microsoft Store lost
From October 19 to November 5, a fake version of a Ledger hardware wallet management app called Ledger Live Web3 was available on the Microsoft Store. Once a wallet connected to this app, cryptocurrency was transferred from users' addresses straight to the scammer.
Here are some numbers of funds stolen:
💸 The scammer managed to steal 16.8 Bitcoins (approximately $581,000);
🎣 The largest single catch was 2.31 BTC (approximately $81,000) on November 3;
💰 The total amount of stolen cryptocurrency is approximately $768,000, according to ZachXBT.
Why did fake Ledger app hack happened
Aside from user inattention, part of the blame lies with those who moderate the Microsoft Store apps and approve the publication of such fakes without sufficient verification. It even became the occasion for a joke.
Seems funny, but this is not the first time an application pretending to be a Ledger app got into the Microsoft Store. This had already happened in December 2022.
In order not to get into such a situation, always download only the software that is listed on official sites. For example, Ledger has no apps in the Microsoft Store at all, but you can download all the necessary programs from this page. Be careful and read our guide on how to avoid scams.
You might also like: