In the cryptocurrency space, it’s not new for us to see new and clever ways of hackers trying to steal our precious tokens.
In today’s case, it’s through a fake Ledger app on the Microsoft App Store.
The fake Ledger app 🤥
As per the well-known crypto sleuth — ZachXBT (we recommend giving him a follow on Twitter!), the scammer has managed to steal 16.8+ BTC, which is currently worth around $588k.
You can track the scammers wallet address here.
Unfortunately, these fake apps get into app stores (mostly the Google Play Store) from time to time because some app stores are far less strict when approving apps.
How does a fake Ledger app steal your crypto? 🧐
With most scam apps such as this one, the fake app will ask you to enter your 12-24 word recovery phrase into the desktop app; causing the hacker to gain access to all your funds.
Always remember: Ledger, Trezor, or any decent hardware wallet will not ask you to enter your 12-24 word recovery phrase into your computer or phone. Only enter your 12-24 word recovery phrase on the hardware wallet device itself, when doing wallet recoveries.
How do I prevent myself from getting scammed? 🧠💡
When interacting with new platforms, always keep your guard up and think that everyone is out to steal your precious crypto.
Also, ChainSec has made an extensive guide that covers probably 90%+ of existing scams. We heavily recommend giving it a good read to make yourself aware.
