TLDR
- An XRP investor lost 25,000 XRP worth over $71,000 while using Ledger Live.
- The victim claimed the loss occurred during a login attempt on the Ledger Live app.
- Community members questioned the claim since Ledger Live requires device confirmation for transactions.
- Some users suggested the investor may have entered the recovery phrase on a fake website.
- The victim reportedly interacted with a fake Ledger support account on X before or after the breach.
A recent XRP theft has reignited community concerns about the safety of hardware wallets and phishing tactics. The investor lost 25,000 XRP, valued at over $71,000. He claimed the loss occurred while using the Ledger Live application.
Ledger Live Use Under Scrutiny
Vincent Scott, an independent journalist, reported the incident on X, citing details from the affected user. The user explained that the XRP was stolen during a login attempt on Ledger Live. He believed the breach originated from the app.
One of our people just got drained 25k XRP from Ledger
Yal.
Change your passcodes randomlyYou never know what malware is installed in your cpu with some AI just waiting for you
Just ONE scam email or text or whatever can fuck you over
Then boom gone.
— VincentScott (@VincentSco72192) October 8, 2025
Scott cautioned users to update passcodes regularly and watch for hidden malware. He added, “One wrong click can cost everything.” Following the post, users questioned how such a theft could happen using a hardware wallet.
However, several users disagreed with the victim’s claims. They argued that Ledger Live doesn’t store XRP and only connects to the hardware device. Moreover, any transaction requires physical confirmation on the device.
Possible Causes and Community Reactions
Some speculated the user might have entered his seed phrase into a fake Ledger website. Others believed he could have used a counterfeit Ledger device. Still, there was no direct evidence to support either theory.
Further discussions suggested that phishing scams are now sophisticated enough to mimic official Ledger support accounts. Scott later revealed that the victim interacted with someone pretending to be Ledger support on X. However, it remains unclear whether that interaction caused the theft or occurred afterward.
Despite the uncertainty, community members emphasized the need for better awareness and user responsibility. One commenter noted, “No XRP can move without the user confirming it.” This suggests that user error likely contributed to the breach.
Previous XRP Thefts Raise Concerns
The XRP theft adds to a growing list of losses tied to Ledger-related scams. In January, a Reddit user reported losing $15,000 after using a fake Ledger Live website. Later in 2024, another claimed to lose $300,000, despite storing their XRP seed phrase on paper.
Other victims cited malware-infected apps and altered software as causes of XRP loss. The increasing frequency of such cases has raised alarm in the broader crypto community. It highlights both company obligations and the critical role of individual security practices.
Experts advise users to download Ledger Live only from its official site. They recommend avoiding unknown links and scanning devices for malware. Regularly changing passphrases and storing XRP recovery phrases offline can also reduce risks.
Scott stated he uses the Xaman wallet, which supports XRP and includes extra security measures. He advised users to keep keys off mobile devices and use built-in security settings. Although hardware wallets remain popular, they are only safe if used correctly.
