Bitcoin Forum

Bitcoin => Hardware wallets => Topic started by: TryNinja on August 18, 2018, 12:34:53 PM



Title: [WARNING] Fake Ledger Live app on Play Store
Post by: TryNinja on August 18, 2018, 12:34:53 PM
Edit: the app got removed. Thanks, everyone!

Here we go again with the fake apps on Play Store... First, it was MEW and now it's Ledger.

Please be careful and help us have the app removed by reporting it.

HOW TO REPORT IT:

If you are on Android, scroll down a little bit, click on "flag as inappropriate" and select a reason.
If you are on PC, report it by filling out this form (https://support.google.com/googleplay/android-developer/contact/takedown).



Link to the fake app: https://play.google.com/store/apps/details?id=coverage.assets.crypto.ledgerlive < SCAM! DON'T DOWNLOAD IT!

https://i.imgur.com/kItY7zo.png


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: cissrawk on August 18, 2018, 01:11:01 PM
Done, reported. But why do fake apps exist in the Play Store? I thought all apps in the Play Store were always legit and verified first before being released on the Play Store. This makes me a little bit scared about my assets on my phone.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: TryNinja on August 18, 2018, 01:12:49 PM
> Done, reported. But why do fake apps exist in the Play Store? I thought all apps in the Play Store were always legit and verified first before being released on the Play Store. This makes me a little bit scared about my assets on my phone.
Nope. That's on the iOS App Store.

For only $25, you can create a merchant account and post your app (legit or not) on the Play Store.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: cissrawk on August 18, 2018, 01:20:12 PM
> For only $25, you can create a merchant account and post your app (legit or not) on the Play Store.
That's a bad thing, people can easily make a fake/phishing app and release it on the Play Store with just 25 bucks.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: mk4 on August 18, 2018, 02:55:33 PM
As a way of scamming, the scammer is asking the potential users to input their recovery seed. Yikes. I'm very sure some people will actually fall for this. We need to get this down ASAP.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: Lanatsa on August 18, 2018, 06:34:34 PM
Done, reported this fake app.


> > For only $25, you can create a merchant account and post your app (legit or not) on the Play Store.
> That's a bad thing, people can easily make a fake/phishing app and release it on the Play Store with just 25 bucks.
They won't really care about spending 25 bucks as long as they know they can potentially steal hundreds of thousands if they are lucky enough for someone to use their fake app.
We even see fake MetaMask extensions too.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: batang_bitcoin on August 18, 2018, 11:16:02 PM
Let's push that scammer app down. Why is it so easy for them to allow such copycat apps to exist and register on their platform? Aren't they reviewing it and doing some verification before approving it?
Download only directly from the legit Ledger site.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: Lucius on August 19, 2018, 11:04:50 AM
This is potentially dangerous for those who do not know how hardware wallets work, and in this case it is asking users to enter their seed, which is a sufficient sign that this is not a legal application. We can only try to take it down ASAP, but unfortunately the policy of Google Play does not work in our favor. I did not really know that it is so easy for scammers to upload fake software to the store, the same as it was easy to use Google AdWords to scam thousands of users with fake crypto wallets.

Maybe Google will fix this problem the same way as with crypto advertising: ban everything related to cryptocurrency in the Google Play Store?


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: 1Referee on August 19, 2018, 12:39:25 PM
> Maybe Google will fix this problem the same way as with crypto advertising: ban everything related to cryptocurrency in the Google Play Store?

That's too drastic and not really a viable option. By doing that they miss out on plenty of crypto related traffic in their Play Store.

Facebook saw how much effect it had on their revenue to not allow crypto related entities to buy ad space, which is why they now allow legitimate businesses to buy ad space again.

Google can't see whether an app is a scam or not, they just scan the app and approve it based on the requirements their automated system thinks are important. People need to become more careful with what they install on their phones, especially when it comes to mobile wallet clients.

That being said, Google is still "allowing" crypto ads to be published. You only need to change a few characters in order to bypass their anti crypto measures. Instead of crypto you can go with crypt0 or cryptó.

App is reported by me just now. How long does it usually take for apps to be taken down?


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: hugeblack on August 19, 2018, 01:45:27 PM
> We can only try to take it down ASAP, but unfortunately, a policy of Google Play does not work in our favor.
There seem to be many scammers who are trying to use new updates to scam others.
There was a Ledger Manager on Google's web store, which was reported and then removed after a period.

This application will be removed, but it is a shame for Ledger not to continue to update their apps and make sure to report scam ones.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: gentlemand on August 19, 2018, 03:21:14 PM
Did anyone here download and test it? Did the Ledger itself recognise it or reject it?

Stuff like this is only going to get more prevalent as Ledger and others' profiles get higher.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: lite on August 19, 2018, 03:42:56 PM
> Did anyone here download and test it? Did the Ledger itself recognise it or reject it?
>
> Stuff like this is only going to get more prevalent as Ledger and others' profiles get higher.
It was a fake app, I don't think scammers would build an app that would have a Ledger device recognising function, it would be a simple app that asks one to "import seeds" as mjglqw said. Ledger still has not addressed this, which worries me a lot, people can lose their money. They should warn the users or just release the app on all platforms.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: TryNinja on August 19, 2018, 03:47:46 PM
> It was a fake app, I don't think scammers would build an app that would have a Ledger device recognising function, it would be a simple app that asks one to "import seeds" as mjglqw said. Ledger still has not addressed this, which worries me a lot, people can lose their money. They should warn the users or just release the app on all platforms.
Ledger oddly didn't post anything about this (they made a warning when there was a fake Chrome extension around). Like mjglqw said, all the app did was ask for your wallet seed. Unfortunately, I've seen a user saying that his friend thought the app was legit and got scammed, so at least a few users were affected... :-\

Anyways, the app already got removed from the PlayStore so I'll be closing this thread in the next 24 hours.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: Lucius on August 20, 2018, 08:58:01 AM
> > Maybe Google will fix this problem the same way as with crypto advertising: ban everything related to cryptocurrency in the Google Play Store?
>
> That's too drastic and not really a viable option. By doing that they miss out on plenty of crypto related traffic in their Play Store.
>
> Facebook saw how much effect it had on their revenue to not allow crypto related entities to buy ad space, which is why they now allow legitimate businesses to buy ad space again.
>
> Google can't see whether an app is a scam or not, they just scan the app and approve it based on the requirements their automated system thinks are important. People need to become more careful with what they install on their phones, especially when it comes to mobile wallet clients.
>
> That being said, Google is still "allowing" crypto ads to be published. You only need to change a few characters in order to bypass their anti crypto measures. Instead of crypto you can go with crypt0 or cryptó.
>
> App is reported by me just now. How long does it usually take for apps to be taken down?

Google and other big companies in this case have one big problem: they completely rely on automatic systems which give their approval or rejection. That really makes no sense when it comes to such applications; in fact their system fully supports illegal applications - you only need to pay in order to try to fool someone.

The solution is actually simple: people who have knowledge and experience should be employed and begin to do this job. Of course, companies do not want any additional costs, it is much cheaper to use bots for that. In the end, because of greed and extra profit we have such situations.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: 1Referee on August 20, 2018, 11:02:30 AM
> The solution is actually simple: people who have knowledge and experience should be employed and begin to do this job. Of course, companies do not want any additional costs, it is much cheaper to use bots for that. In the end, because of greed and extra profit we have such situations.

It seems simple, but it's not in reality.

In order to have people manually verify each application, they need to have enough knowledge to fundamentally break down code, have enough knowledge when it comes to the crypto space, and have enough knowledge when it comes to the various wallet clients that we have. If all that isn't in place, the fake ledger app would even have been approved by a human.

No tech company will let coders waste their time approving thousands of applications every day. It's a waste of time, talent, and mindspace.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: Lucius on August 20, 2018, 01:22:06 PM
> > The solution is actually simple: people who have knowledge and experience should be employed and begin to do this job. Of course, companies do not want any additional costs, it is much cheaper to use bots for that. In the end, because of greed and extra profit we have such situations.
>
> It seems simple, but it's not in reality.
>
> In order to have people manually verify each application, they need to have enough knowledge to fundamentally break down code, have enough knowledge when it comes to the crypto space, and have enough knowledge when it comes to the various wallet clients that we have. If all that isn't in place, the fake ledger app would even have been approved by a human.
>
> No tech company will let coders waste their time approving thousands of applications every day. It's a waste of time, talent, and mindspace.

In the case of the fake Ledger Live app it would not be necessary to waste any time or talent; the very fact that the application asks for the user's seed as the starting point of use would be sufficient for it to be rejected. Or just by contacting Ledger and asking them whether they release an official app or not. In most cases it would not be necessary for coders to waste their time; they can take a certain number of people with solid knowledge of cryptocurrency to check apps only by common sense.

As I say, all these companies only care for profit; if the security of their users is a waste of time, talent or mindspace, then let people lose their money on fake apps.


Title: Re: [WARNING] Fake Ledger Live app on Play Store
Post by: TryNinja on August 20, 2018, 05:43:50 PM
> In the case of the fake Ledger Live app it would not be necessary to waste any time or talent; the very fact that the application asks for the user's seed as the starting point of use would be sufficient for it to be rejected. Or just by contacting Ledger and asking them whether they release an official app or not. In most cases it would not be necessary for coders to waste their time; they can take a certain number of people with solid knowledge of cryptocurrency to check apps only by common sense.
Google would have to know how Ledger works and why the app is malicious for asking for the user's seed. It's the same as saying that they shouldn't ban cryptocurrency ads because they should know (and research) if an ICO is legit or not. That's simply too much work...

Anyways... I'll be locking the thread now. PM me or create a new thread if you still want to discuss something.