Alarming case of cryptocurrency theft through fake Ledger Live app - More than 16.8 BTC lost

A disturbing case recently came to light: almost $600,000 in Bitcoin was stolen from users who downloaded a fake Ledger Live app from Microsoft's app store. As a user interested in the latest news in the crypto world, I decided to investigate what happened.

I know many users will not have paid attention to this because not all of us use Ledger's services, but it still leaves a lot to think about. What happened here was bound to happen eventually, as it has with wallets from many other services. Let's look at it in more depth; I will say in advance that it is important to be more cautious in the world of cryptocurrencies.



Table of contents for this article:

♦ What is Ledger?

♦ The cunning scam.

♦ The scam is uncovered.

♦ What happened to the stolen funds.

♦ Microsoft Responsibility

♦ Ledger was not guilty.



What is Ledger?

In the world of cryptocurrencies, security and control of your digital assets are paramount.

And this is where the Ledger Hardware Wallet comes into play, and this is the first thing I will address in this article to give you some context. This device is a cryptocurrency wallet that securely stores the user's private keys, which are essential for authorizing outgoing transactions on the blockchain network.

Ledger is the company that stands out in this area. Its main advantage is total isolation between the private keys and your everyday devices, such as PCs or cell phones, which can be hacked easily. Ledger develops hardware wallet technologies that incorporate the highest level of security for crypto assets, or at least that is the opinion of its users; so far I have not heard of a cold wallet better than Ledger.

With Ledger, you can securely manage all your cryptocurrencies. In addition, Ledger Live allows you to buy, exchange, grow and manage a large number of tokens and cryptocurrencies, and it is Ledger Live that we will talk about today.



The cunning scam.

The scam app had a peculiar name, "Ledger Live Web3". Most experts would find that name suspicious, but not everyone is an expert, and a simple oversight can cause a large amount of funds to be lost.

The name imitated the legitimate application, Ledger Live, which is designed to manage Ledger hardware wallets. Unsuspecting users were tricked into downloading the fake application, which led to the theft of their cryptocurrencies. Cryptocurrency theft is nothing new, it has always happened, but for it to happen through an app that claimed to be the official Ledger app... this is another level of scam.

But here the interesting question is, how could a fake app make it to the Microsoft app store without being detected?

The stolen funds add up to exactly 16.82437378 BTC, which at the time of writing this article is worth $590,819. Total insanity.


The scam is uncovered.

The Twitter user ZachXBT, an analyst or detective, discovered this scam after some scammed users contacted him on Twitter. His ability to identify this scam is admirable, I must admit. He published a post on his Twitter account on 4/11/2023 to alert Ledger users and prevent others from falling for the scam.

I invite you to read his post so you can see everything he managed to discover. He also published the wallet that received the funds of the people who fell into the trap: bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q. As we all know, the funds received by this wallet can be tracked, so join me in looking at some of its movements since the theft occurred.



What happened to the stolen funds.

For this we will use Blockchain.com, which has a block explorer that shows every transaction of a specific wallet. The site has other functions, but for now we will only use the block explorer.

At this moment the theft wallet has no funds, which is logical: after all this, the scammer moved the BTC to another address. The wallet had a total of 38 transactions before the scam was detected, and its last activity was a withdrawal to another wallet. The new wallet that received the BTC was bc1qtntflhe6f58lenv8chwuw8w55wxudwsvv549ah.

From that wallet the funds were sent on to yet another wallet, where they remain at the moment. You can follow the whole process through the direct link to the main wallet's activity.
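
The hop-by-hop tracing described above can be reproduced offline. This is an added example, not part of the original article: it uses the two addresses quoted in the article, a placeholder for the third wallet (which the article does not name), and a constructed, simplified transaction list with fees ignored.

```python
from collections import defaultdict

# Addresses quoted in the article. The third wallet is not named there,
# so a labelled placeholder stands in for it.
THEFT = "bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q"
HOP1 = "bc1qtntflhe6f58lenv8chwuw8w55wxudwsvv549ah"
HOP2 = "<third-wallet-not-named-in-article>"

# Constructed sample data, NOT real chain data: (txid, sender, receiver, satoshis).
# Simplification: one sender and one receiver per row, fees ignored.
SAMPLE_TXS = [
    ("tx01", "victim-a", THEFT, 400_000_000),
    ("tx02", "victim-b", THEFT, 250_000_000),
    ("tx03", THEFT, HOP1, 650_000_000),
    ("tx04", HOP1, "side-wallet", 400_000),
    ("tx05", HOP1, HOP2, 649_600_000),
]


def balances(txs):
    """Net balance per address, as an explorer's address page would show it."""
    bal = defaultdict(int)
    for _txid, src, dst, amount in txs:
        bal[src] -= amount
        bal[dst] += amount
    return dict(bal)


def trace_forward(txs, start, max_hops=10):
    """Follow the largest outgoing transfer from each wallet until funds rest."""
    outgoing = defaultdict(list)
    for txid, src, dst, amount in txs:
        outgoing[src].append((amount, txid, dst))
    path, seen, current = [(start, None)], {start}, start
    for _ in range(max_hops):
        if not outgoing[current]:
            break  # no spends recorded: the funds are sitting here
        _amount, txid, nxt = max(outgoing[current])
        if nxt in seen:
            break  # guard against cycles between related wallets
        path.append((nxt, txid))
        seen.add(nxt)
        current = nxt
    return path


if __name__ == "__main__":
    bal = balances(SAMPLE_TXS)
    for address, txid in trace_forward(SAMPLE_TXS, THEFT):
        print(f"{address}  via={txid}  balance={bal[address]} sat")
```

With the sample data, the trace ends at the placeholder wallet, the only address on the path that still holds a balance, which mirrors the empty theft wallet and the two onward hops described in the article.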



Microsoft responsibility

This is undoubtedly one of the most interesting questions. Microsoft allowed this fake app into its store, and that is the first mistake in the whole story of this scam.

ZachXBT himself argued that Microsoft should take some responsibility for allowing the fake app to appear in its app store. Indeed, security was lacking there; the app should never have been available to everyone.

Ledger was not at fault.

This was not really the fault of Ledger as a company; I put more of the responsibility on Microsoft for letting this app be used. Still, the people at Ledger published a message saying that users had to be more cautious, and indicated that the only safe place to download their app is from their website.



It is time to take action: let us be the ones who take care of our own security. Do not trust apps or web pages so easily, and always look for reliable and only OFFICIAL sources for the projects we follow.

That is what you have to keep in mind right now. Here I end my article and leave the comments open for your personal opinion on this subject. Greetings to all, and I hope you have a happy day.



The character used to edit the cover of this article was created with the Bing tool.

English is not my native language, so I have used Hive Translator.


Too bad for the owner of the stolen assets. We really need to be very, very careful with the apps or tools that we are using.

It seems Microsoft is not really scrutinizing the apps that are being listed on its store.

I personally say that none of this would have happened if they had verified the app before approving it for public download.

I remember a couple of months ago I almost fell into a fake Pancakeswap page, luckily I checked the domain, otherwise something similar to what happened with Ledger would have happened to me.

Thank you very much for leaving your comment, it is an honor to have you here, I hope you have a happy day and thanks for reading the article.


That is true. They should be responsible enough to verify applications before allowing them to be available in their store.

Glad you checked. It is always advisable to do that which baffled me that with the amount the user had in his wallet, he should have bothered to check the official channels (Ledger) before doing anything.

Thank you too for sharing. It makes us aware of things and be wary with our own dealings when it comes to our crypto assets.

Post manually reviewed. 😊

Thanks a lot for the support guys, hope you have a happy day.


You’re welcome, keep up your good work! 🤗


Excellent article... I had heard something about this but did not stop to investigate.
You certainly have to be very careful in the world of cryptocurrencies!!



You are right about that, we have to be careful about which app we download and which pages we enter our private keys on. A simple mistake can make us lose our money, and unfortunately that is something we cannot recover.

I read just a few hours ago that a bank owner had 470 thousand dollars in ETH and lost his keys, and now he is paying whoever can recover them, but I see that as complicated.

Keeping our keys safe and carefully verifying the official pages of the projects we follow, that is what we all have to do. Thank you very much for commenting and leaving your support, I hope you have a great day.

It's not alarming at all. If they had used their Ledger correctly this wouldn't have happened, because they should have checked the information on the display and would have realized that it is an incorrect transaction.

I am referring to the alarming figure of 16.82 BTC stolen in just a couple of days, in just 38 transactions more than 500,000$ in Bitcoin were stolen, that to me is what is alarming.

I like to be a bit flashy with the titles of my articles, that's why I have chosen the title you see here.

And of course it is largely the user's fault, because they did not verify well the transactions they were about to sign, but it was also Microsoft's fault for allowing that fake app to be in their store.

Thank you very much for leaving your comment my friend.


Hello my dear friend, how are you? Drop by Telegram when you can.

Ok, I'll get on in a while.

I promoted it but it won't let me send the Ecency points.

The vote has to be only $1, you can't give that many, but it doesn't matter, man, leave it like that and save points for when you upload your posts.

It won't let me boost to the max.

I had no idea about this, but it is interesting that you cover it.

Thank you very much for commenting, and yes, it is an interesting topic to look at, since scams are very frequent nowadays.