Hackers using fake Ledger Live app to steal seed phrases and drain crypto
Hackers are using fake Ledger Live apps to steal seed phrases and drain cryptocurrency from macOS users. According to cybersecurity firm Moonlock, the malware imitates the legitimate Ledger Live app, replaces it on the victim's device, and displays a convincing pop-up warning about suspicious activity that prompts the user to enter their seed phrase. The tactic has evolved: initially, attackers could only steal passwords and wallet details, but they have since learned to extract seed phrases and empty wallets. The malware, identified as Atomic macOS Stealer, has been spreading since August, affecting at least 2,800 hacked websites. Moonlock warns that the threat continues to grow, as discussions of anti-Ledger capabilities are increasing on dark web forums. It advises users to be cautious of any alert requesting a recovery phrase, never share this sensitive information, and download the Ledger Live software only from official sources.