A well-known cryptocurrency investigator known as @zachxbt revealed a fraudulent scheme that illegally stole Bitcoin through a scam application on the Microsoft Store. Identified as the Ledger Live Web3, the bogus application was used to rob unsuspecting end-users of their cryptocurrency.
A Daring Digital Heist
The illicit application was designed to go undetected through the examination and verification process of the Microsoft Store, thereby making its way onto the digital platform. The fraudulent application would then request unsuspecting users to input their 12-24 word recovery phrases, thus giving the scammer unrestricted access to the users' virtual currency wallets.
The cyber-thieves then transferred their ill-gotten Bitcoin to their private virtual wallets. According to @zachxbt, at least 16.8 Bitcoins, which equates to roughly $588,000, was stolen through this method before the Microsoft Store removed the malicious application.
Community Alert: There is currently a fake @Ledger Live app on the official @Microsoft App Store which was resulted in 16.8+ BTC ($588K) stolen
Scammer address
bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q pic.twitter.com/rOZ0ZWRWbn— ZachXBT (@zachxbt) November 5, 2023
The Human Toll of Cybercrime
While the financial damages caused by this fraudulent scheme are staggering, the impact on individual victims is even more distressing. Financial loss causes immense strain on victims; for some, such as the Reddit user Weak-Rice-3545, this loss represents their life savings. In a profoundly distressing confession, the Reddit user disclosed that they had lost $26,500 to the ledger. The conned users did not only lose their Bitcoin but other types of cryptocurrency as well, including Ethereum and Solana.
Prevention and Recovery Measures
While cybercrimes are becoming more sophisticated, there are prevention measures that users can employ to secure their virtual assets. Reputable cryptocurrency wallets or ledgers will never request your recovery phrase (a series of words that recover your cryptocurrency if lost), and users are strongly advised to avoid entering their phrases on platforms requesting them.
If you have interacted with Ledger Live Web3 or another suspect application that has requested your recovery phrase, user should immediately check their cryptocurrency balances and change their recovery phrase where possible. The offending application was taken off the Microsoft Store, highlighting the ongoing battle against malicious digital actors.
