Fake Ledger Live app drains users' assets by stealing their seed phrases: Moonlock

Cybercriminals are leveraging a fake Ledger Live app to replace the legitimate one on macOS users’ devices, thereby stealing their seed phrases and draining their crypto assets, Cointelegraph reported, citing a recent report by cybersecurity technology firm Moonlock. Moonlock noted that initially, exploiters simply utilized a clone to steal passwords, notes and wallet details to view the assets in victims' wallets, but they could not withdraw funds. According to the report, the fake app displays a convincing alert regarding suspicious activity and prompts users to input their seed phrases. “Once entered, the seed phrase is sent to an attacker-controlled server, exposing the user’s assets in seconds,” Moonlock cautioned.