This fake ledger app on the Microsoft Store may have stolen over half a million dollars worth of crypto

 Fake ledger app steals Bitcoin.
Fake ledger app steals Bitcoin.

What you need to know

  • A crypto investigator named @ZachXBT posted about the fake ledger app.

  • The app was named Ledger Live Web3.

  • The app was sending the Bitcoin to the scammer's wallet.

  • The scammer made away with at least 16.8 BTC or $588,000.

  • @ZachXBT just replied under the initial tweet saying Microsoft has removed the app.


Black Friday 2023

Black Friday 2023 deals at Windows Central
Black Friday 2023 deals at Windows Central

 Best early Black Friday deals
Xbox accessories under $100
Gaming laptop early deals
 Early graphics card deals
Early motherboard deals
4K and Ultrawide monitor deals
Xbox controller deals for October

A scammer was able to get a fake Ledger app called Ledger Live Web3 passed through Microsoft Store's checks and get it published on the store.

The app was being used to steal people's Bitcoin by asking users to enter in their 12-24 word recovery phrase into the app. This of course gave the scammer access to the user's cryptocurrency.

You can see the initial post about this by X (Twitter) user @ZachXBT. It is also important to note that while this article was being written, @ZachXBT updated their post with a reply that the Microsoft Store has removed the app.

How can you protect your cryptocurrency?

Remember that most good or reputable cryptocurrency wallets or ledgers will never ask for your recovery phrase. If you download one that is asking for it, it is highly recommended to not enter that phrase in, as it can have disastrous consequences. This is a very heart wrenching story, as are most scam stories.

Users across Reddit are explaining that their life savings have been wiped out by this scam. You can see more in this Reddit post by the User Weak-Rice-3545 one day ago saying they lost $26,500 from this fake ledger and it was their entire life savings. This Reddit post clarified that all of their cryptocurrency was stolen, not just their Bitcoin. They lost Bitcoin, Ethereum, and Solana and the user gave the address to which the scammer sent the cryptocurrency.

Downloaded a new Ledger app I found on Microsoft Store after reinstalling Windows on my computer for about 1-2 hours ago. Had not accessed it through Ledger Live in a while and was prompted to input my 24-word seed recovery phrase. Didn't think more about that since so much had happened with both reinstalling Microsoft OS and Ledger Live App, but... It took a few minutes before I saw all my crypto, $18,5k bitcoin and about $8k alt coins disappear. I understand I will never be able to get this back but can I track them somehow or do anything at all?

So, if you have downloaded and used Ledger Live Web3 or any other Cryptocurrency wallet or ledger that asked for your recovery phrase, immediately check your balances and rotate your recovery phrase as soon as possible.

Always be on the lookout for scammers, especially in the clandestine world of cryptocurrency, where everything is anonymous and untraceable. Make sure you understand how your cryptocurrency is protected and look to store portions of it in different wallets as when it is stolen, there is no way to get it back.