ReadHistory
Fake Ledger Live Updater
Phishing campaign distributing a counterfeit 'Ledger Live' update that exfiltrates seed phrases.
Also known as: Ledger Live Update, ledger-live-update.com
Overview
Victims received emails claiming a critical security update was required for Ledger Live. The linked site served a malicious installer that prompted users to "re-sync" by entering their 24-word recovery phrase.
How it works
- Spoofed sender domain
- Pixel-perfect clone of the real site
- Seed phrase captured and funds swept within minutes
People & entities involved
Known links
- https://ledger-live-update.example (website)
Links are shown as plain text and not clickable for safety.
Sources (1)
- Phishing domain writeup — ScamAlert
See also
- Compounder Finance (CP3R)TokensAn Ethereum yield aggregator (a Harvest/Yearn clone) that rug-pulled ~$10.8M (some estimates ~$12.5M) in Dec 2020 by swapping audited 'Strategy' contracts for malicious ones via an unmonitored timelock. CP3R fell ~99% and the team vanished.
- AnubisDAO (ANKH)TokensAn OlympusDAO-style project with no website or whitepaper and pseudonymous developers that raised ~13,556 ETH (~$60M) in October 2021. About 20 hours later all liquidity was withdrawn and the token fell to zero — a rug pull.
- ZKasino exit scamProjects
This page was last updated on Jun 8, 2026. View revision history.