[Scam] Ledger Live Mobile Malicious app

[notblox1]

What Happened: Ledger Live Mobile Malicious app on GooglePlay store
with more than 500+ downloads  so far.

Code:

google play store link: https://play.google.com/store/apps/details?id=com.ledger.lives.mobileapps
Archived: http://archive.vn/y1QZW
website: https://0101.systems/ylm/
Archived:https://web.archive.org/web/20200701003129/https://0101.systems/ylm/

Domain Name: 0101.systems
Registry Domain ID: aab2b5e3cbd449bd841a6feacd6332c7-DONUTS
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: https://www.namecheap.com/
Updated Date: 2020-04-30T10:38:07Z
Creation Date: 2020-04-25T10:37:22Z
Registry Expiry Date: 2021-04-25T10:37:22Z
Registrar: NameCheap, Inc.

App loads 0101[.]systems/ylm/ into a Webview and asks for your secrets. Once entered, it will send to their backend and your funds will be swept

https://twitter.com/sniko_/status/1278089644761141254

[1715033106]

1715033106

[1715033106]

1715033106

[1715033106]

1715033106

[Pmalek]

Thanks for the warning.
Any Ledger software should be downloaded only from their official website. https://www.ledger.com/ledger-live/download/
The links to Ledger Live and the Android and iOS versions of the app can be found there.
It is a big mistake searching for official apps via the Google Play Store.

[Lucius]

I check GP link and it seems that app is removed, which of course is good news, although too late for some people. Although things like this pose a danger to crypto users, if we stick to basic security measures then no one can trick us to type our seed anywhere except in the hardware wallet itself. I really don’t understand what the problem is with all these people making these beginner mistakes?

But as the old saying goes - "if you look for trouble, you will probably find it"

[notblox1]

Fake Ledger app is removed from google store, but their scam 0101systems website is still running.
Same is also used for Electrum wallet phishing!