Rogue Developer Steals $768,000 in Crypto with Fake Ledger Live App

It is possible to get rewards by staking ETH, SOL, ATOM, ADA and several other coins and tokens. Join the 10,000+ crypto investors & enthusiasts who receive exclusive discounts, crypto investing and security guides, digital privacy protection tips and more every week. If you want to store or transfer Etheruem (or any tokens living on Etheruem) install the Eth app. Any group or individual on Telegram or WhatsApp claiming to be Ledger Support is trying to steal your crypto.

Ledger Live Mobile

Once you’re connected, you’ll have a clear view of your cryptocurrency portfolio and access to account management and transaction histories. Within the Ledger Live wallet app, you can also send and receive crypto currencies, track your portfolio and access all sorts of nifty decentralized apps. For users seeking additional layers of security, the Ledger Nano S can be paired with the Ledger Live software, which offers real-time balance tracking, multi-account management, and secure transaction signing. This comprehensive approach ensures that you stay informed about your digital assets’ status while enjoying enhanced protection.

Anyone asking you for your recovery phrase is a criminal. Period.

According to ZachXBT, Microsoft may have removed the fraudulent app from their platform. The initial transaction happened on October 24, with the majority of transactions occurring since November 2, including a large transfer of $81,200 on November 4. Users who downloaded a fraudulent Ledger Live app from Microsoft’s app store were scammed, resulting in the theft of approximately $600,000 in Bitcoin (BTC). According to BleepingComputer, the fraudulent app had been in the store since Oct. 19. The cyber news site also shares a Reddit post by a person claiming to have lost their life’s savings – $18,500 bitcoin and about $8,000 in alt coins – to this rogue app’s developer. In a flash alert on X (formerly Twitter), cryptocurrency analyst ZachXBT sounded the alarm that Microsoft’s app market was housing a rogue app designed to steal crypto.

Choose a Reddit account to continue

Did you know that the screens of your everyday devices like your phone and computer are a potential point of attack for hackers? Without a secure screen, there is no way to know whether you’re signing a malicious transaction or not. A crypto wallet is a physical device, designed to enhance the security of your private keys by securely storing them offline. Ledger crypto wallets are widely known as the best crypto wallets for desktop users, particularly due to the uncompromising value they place on both security and user-friendliness. You can start staking coins through the Ledger Live crypto wallet app. Track your rewards in the Earn section and discover staking opportunities across chains.

A crypto wallet app and Web3 gateway

This is where Ledger’s security model separates itself from the norm. It is possible to buy crypto with a credit/debit card or bank transfer. Choose from a range of service providers – Paypal, Ramp, MoonPay, Sardine – and select the option that works best for you.

Italian Authorities Fined OpenAI €15 Million for Not Disclosing Data Breach

• Ledger Sync offers a simple and secure solution to synchronize instances of Ledger Live and back up encrypted information across multiple devices.
• In other words, all keys are stored on a hardware device, and it is physically impossible to steal them through the Internet.
• Ledger Live makes it so that even a newcomer to web3 can easily buy and sell crypto directly in the app through integrated buy providers like MoonPay, Coinify, and Transak.
• Since Ledger hardware wallets are secure ways to store private keys, the Ledger Live software can be configured to function as a multi-factor authentication (MFA) device.

Software wallets are non-custodial, offering you true ownership of your assets. Put simply, using your phone or laptop to store private keys is like leaving a bank vault in the middle of a shopping mall. This is because software wallets store your private keys insecurely and are always connected to the internet.

Thousands of supported coins and tokens

Moreover, Ledger’s clear signing initiative makes its Clear Signing plugin a pre-requisite for dApps, apps, and providers that integrate with beam-signal ledger live matrix eye. Every app built for Ledger Live implements this plugin and also undergoes an audit. With such an expansive experience comes the highest responsibility to protect the millions of users that interact with the Ledger Live ecosystem. Upon setup, every Ledger device prompts users to create a 4-to-8-digit PIN code to unlock the device. The fake site analyzes the entered words, comparing them against a list of 2048 possible terms.

Years of Ledger: Secure Self-Custody for All

As always, stay vigilant and never share your recovery phrase with anyone. Scammers are targeting every crypto subreddit hoping to separate you from your crypto. Our subreddit is constantly under attack by criminals and scammers looking to separate you from your crypto. Keep your recovery phrase safe, offline, and never share it with anyone. Libraries serve as publicly available packages, designed for integration with other libraries or applications.These packages are deployed to the official npm repository under the @ledgerhq organization.

Phone App needs work

All wallets are brand new, sourced directly from our partners, and verified secure. To create an account select «Accounts» on the left and then click on the «+ Add account» on the top right (see screenshot below). Never type your recovery phrase in any website, we and Ledger will never ask you for your recovery phrase. Aktionariat offers a set of tools for Swiss companies to create a market for their digital shares on their own website. Staking cryptocurrency is similar to—but not exactly the same as—earning interest from your bank on your savings account. For letting the bank hold your money, they pay you some interest on a regular basis.

Introducing Ledger Flex

• A crypto wallet is a digital tool that allows users to store, manage, and interact with cryptocurrencies such as Bitcoin, Ethereum, and many others.
• The big idea behind crypto wallets is the isolation of your private keys from your easy-to-hack smartphone or computer – basically anything that can expose your private keys on the internet.
• If you don’t, you can download it from the official Ledger website.2.
• Think of it as your digital superhero cape—giving you power and security in the wild, wild Web3.
• Upon setup, every Ledger device prompts users to create a 4-to-8-digit PIN code to unlock the device.

As part of Ledger’s vision, this tool aims to onboard a new generation of crypto users by providing an easier, more secure way to embrace self-custody, rather than relying on centralized or insecure solutions. Instead, Ledger Sync uses the Ledger Key Ring Protocol to generate encryption keys directly from your Ledger device. These keys encrypt your Ledger Live data, allowing it to be securely transmitted over public channels. Only you, the owner of your Ledger device, can decrypt this information. Ledger Sync revolutionizes this process by eliminating centralized control, ensuring that access to your Ledger Live information remains entirely under your control.

Why developers choose the XRP Ledger

One of the biggest concerns for anyone practicing self-custody is losing their secret recovery phrase. It’s the key to your entire digital portfolio – lose it, and you lose everything. The beauty of using a crypto wallet is the security it provides to your private keys. The big idea behind crypto wallets is the isolation of your private keys from your easy-to-hack smartphone or computer – basically anything that can expose your private keys on the internet. Unlike most apps, the Ledger Live crypto wallet app keeps your data directly on your phone or computer, so there’s no need to sign in using an email and password.

You can add and monitor various accounts for various cryptocurrencies. In this new era of digital wealth, true freedom comes from owning your financial future. Ledger unites self-custody with unmatched security, enabling you to control your crypto assets without compromise. Ledger devices ensure that even with all these connectivity enhancements, no action is prompted without your permission, keeping you entirely safe while managing your digital assets. Combined with the Ledger Security Key app, NFC will allow Ledger devices seamless passkey authentication with your cell phone. The NFC chips do not affect your private keys, because just like Bluetooth and USB connectivity, only public data gets transferred.

How do I ensure that the Ledger Live App for PC is secure?

After finishing the process of installation, select the button «Finish». Unlike traditional KYC which can ask for many more forms of identification, Ledger Recover verifies your identity with just an ID and a selfie. Setting up a new device is easy, as your Ledger Live info can be restored quickly without re-entering account details manually every time. This makes complex crypto transactions understandable and transparent, giving you the confidence to make informed decisions.

Blockchain enthusiast ZachXBT alerted the cryptocurrency community on November 5 of a fraudulent Ledger Live application in the Microsoft Store that stole almost $600,000 from users who installed it. Restore access to your crypto wallet in case of a lost, damaged, or out of reach Secret Recovery Phrase. This guide provides complete step by step instructions on how to setup a new Ledger Nano S hardware wallet, using the Ledger Live application. The fake app, dubbed «Ledger Live Web3,» misled users into thinking they were installing the actual Ledger Live interface for offline cryptocurrency storage, according to cryptocurrency detective ZachXBT. All three tech behemoths have had run-ins with rogue apps on their stores – especially the official app store for Android smartphones and tablets, Google Play. With Ledger Live, you can manage many blockchains and tokens with different accounts all at once.

Since the screen is tamper-proof, you’re protected from both physical and remote hacking vectors like address poisoning, address switching, and clickjacking malware. But before we move on to what makes Ledger devices so successful, let’s understand what self-custody even means and its importance in crypto. Owing to this, Ledger secures 20% of the world’s total crypto value today.

Create your username and password

To see your address you can click on «Receive» on the left hand side of the interface. Always make sure your URL says «ledger.com» when using the Ledger website. Mentions of any cryptocurrencies or projects outside of the context of a legitimate Ledger-related question will be removed, and may result in a ban after repeated offenses. Flair is that little box displayed next to usernames saying «Ledger Customer Success» or something similar. All Ledger employees are given this flair to indicate their official status. The best thoughts focus on the idea rather than the person who’s communicating the idea, whether it’s someone on the forum or a public figure.

• These chips, found in every Ledger device, are designed to safeguard private keys and sensitive data by implementing multiple countermeasures against side-channel and fault attacks.
• For buying crypto, Coinify aggregates prices from different providers to ensure competitive deals.
• The NFC chips do not affect your private keys, because just like Bluetooth and USB connectivity, only public data gets transferred.
• They have the control to freeze your accounts or access and mishandle your funds.
• You now know how to setup your Ledger Nano S with Ledger Live and send and receive transactions.
• Even if someone gains physical access to your wallet, it is impossible to restore access to your assets without the seed phrase.
• This service is a quantum leap in crypto innovation that makes self-custody more accessible, reducing the anxiety of losing access to your assets.
• Ledger’s Security Key app on both devices offers passkey capabilities to its next-gen devices.
• Ledger Live can be used to connect your hardware wallet to cryptoasset and fiat on-ramps.

Members of the crypto community have lost $768,000 after downloading a fake Ledger Live app from the Microsoft app store. For installation on Android devices, the version of the operating system must be higher than Android 7.0. You will need to allocate at least 100 MB of free space and 2 GB of RAM.

Open the Ledger Live application on your computer or mobile device.5. This is where you can manage and install apps on your Ledger device.6. Find and choose the app for the cryptocurrency or service you want to use.

There’s no transaction history indicating anything unusual either. Once you have connected your Ledger device to MetaMask and initiated the transaction, there will be an option to cancel or speed it up in the transaction list. To fix a stuck transaction on the Ethereum network, you can either cancel or speed it up in MetaMask. The developer, Ledger SAS, indicated that the app’s privacy practices may include handling of data as described below. This article guide describes how you can add a token with its supported network on Ledger Live. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

I’ve heard people say that only ETH or erc-20 tokens can be taken. Ledger Live is integrated with the Ledger Manager feature, which verifies the authenticity of all installed applications and updates. This protects against fake programs and phishing sites that may try to steal user data.

For example, you can send or receive transactions, check balances, and perform other actions depending on the app’s functionality.10. Once you’re done using the app, safely disconnect your Ledger device from your computer or mobile device. The Ledger Nano S is designed with an easy-to-navigate interface, making it straightforward for users to manage their cryptocurrencies. Offering support for multiple currencies, it allows you to store a variety of digital assets, including Bitcoin, Ethereum, and many altcoins.

This means that even if your computer or smartphone is attacked, the keys remain protected. Transactions are signed inside the device, which eliminates the possibility of their interception by intruders. You will need to perform additional installation steps depending on the package you want to work on, please refer to its nested readme file. I woke up this morning and noticed that my Solana holdings are no longer visible in my wallet. I had them staked for quite a while, and now they’re just…

If you have just sent crypto from Ledger Live but didn’t receive your crypto after 3 to 4 hours, the transaction may be stuck. The Ledger App is compatible with desktops using Windows, macOS, and Linux, as well as mobile must have the capacity to meet the minimum requirements before app installation. At $249, it’s the perfect entry point for users seeking powerful protection without sacrificing simplicity or convenience. With every update, Ledger incorporates the Donjon’s findings, keeping the hardware and software one step ahead against emerging threats in real-time.