Fake Ledger App on Apple Store Drains $420K Bitcoin from G. Love

TLDR

• Fake Ledger App drains 5.92 BTC after seed phrase entry mistake
• Apple Store listing mimics Ledger App, leading to $420K Bitcoin loss
• Stolen BTC traced to KuCoin after fake Ledger App phishing attack
• Fake Ledger App scam highlights risks of entering recovery phrases
• Crypto scam uses fake Ledger App to steal decade-long savings

A fraudulent Ledger App listing on Apple’s Mac App Store enabled attackers to steal nearly $420,000 in Bitcoin from musician Garrett Dutton. The incident occurred during a device migration, where the victim entered a recovery phrase into the fake Ledger App. Consequently, the attackers gained full control and drained 5.92 BTC within minutes.

Fake Ledger App Listing Triggers Seed Phrase Theft

The fake Ledger App appeared in the Mac App Store under a developer account unrelated to Ledger. The application closely mimicked the legitimate Ledger Live interface and setup process. As a result, the victim trusted the Ledger App and followed its prompts during installation.

During setup, the fraudulent Ledger App requested a 24-word recovery phrase from the user. Authentic Ledger software never requires seed phrase entry on desktop interfaces. Entering the phrase into the Ledger App exposed complete wallet control to attackers.

Once the credentials were captured, attackers executed transfers without further interaction from the victim.The stolen Bitcoin moved instantly across multiple addresses controlled by the perpetrators. The Ledger App exploit demonstrated how simple interface deception can bypass user caution.

On-Chain Tracking Links Funds to KuCoin Addresses

On-chain investigator ZachXBT traced the stolen 5.92 BTC through nine separate transactions. The analysis linked the funds to deposit addresses associated with KuCoin. This pattern suggests rapid laundering through exchange infrastructure after the Ledger App attack.

The traced movements showed a structured dispersal method common in prior wallet phishing cases. Additionally, the use of multiple addresses indicated an attempt to obscure transaction trails. The Ledger App theft followed known laundering behaviors seen in earlier crypto scams.

KuCoin did not confirm any intervention regarding the traced funds at the time of reporting. Meanwhile, investigators highlighted ongoing concerns around exchange-level monitoring of suspicious deposits. The Ledger App incident again raised questions about post-theft tracking and response systems.

Recurring App Store Failures Enable Crypto Scams

This Ledger App case reflects a broader pattern of fraudulent wallet applications bypassing app store review systems. In 2023, a similar fake Ledger application on Microsoft’s store resulted in nearly $600,000 in losses. Therefore, repeated failures highlight structural gaps in detecting impersonation-based threats.

Cybersecurity reports also identified macOS malware that replaced legitimate wallet software with fake interfaces. Attackers continued to rely on social engineering rather than exploiting technical vulnerabilities. The Ledger App scam shows how trust in distribution platforms amplifies these risks.

Security experts warned that users should never input recovery phrases on internet-connected devices. Attackers distribute fake wallet apps through ads, emails, and physical phishing campaigns. The Ledger App incident reinforces that seed phrase exposure remains the primary attack vector.

The broader context shows rising crypto-related crime, with reported losses reaching $11 billion in 2025.  Phishing campaigns increasingly use realistic interfaces and trusted platforms to target users. The Ledger App theft highlights persistent gaps in platform screening and user verification practices.

The post Fake Ledger App on Apple Store Drains $420K Bitcoin from G. Love appeared first on CoinCentral.