A fraudulent copy of the Ledger Live app on Apple’s Mac App Store stole roughly $420,000 worth of Bitcoin (5.92 BTC) from musician G. Love. The theft occurred after he mistakenly entered his secret recovery phrase – a 24-word seed – into the fake app while trying to connect his hardware wallet to a new Apple computer.
On April 11, 2026, Peter Dutton announced on X (formerly Twitter) that his Bitcoin retirement savings – built up over about ten years – had been stolen. A blockchain investigator named ZachXBT later verified the theft, tracking the stolen funds through nine transactions to accounts on the KuCoin exchange.
We believe this isn’t just about one person being affected, but rather a sign that major app stores consistently fail to properly check cryptocurrency wallet apps for fraud before users download them.
I had a terrible day. I lost all of my retirement savings to a hack or scam after transferring my Ledger wallet to my new computer and mistakenly downloaded a fake app from the Apple App Store. All of my Bitcoin was stolen immediately.
— G. Love (@glove) April 11, 2026
DISCOVER: Best Crypto to Buy Right Now
Fake Ledger App Store Listing, Seed Phrase Capture, and the On-Chain Trail to KuCoin
Here’s how the scam worked: a fake application was uploaded to Apple’s Mac App Store. It wasn’t created by Ledger, but it looked and acted like the real Ledger Live app – the software Ledger users normally install to control their hardware wallets and digital assets.
When Dutton installed the app on his new Apple computer during a transfer from his old one, it immediately asked for his 24-word recovery phrase. This was unusual, because the real Ledger Live app only asks for this phrase directly on the Ledger device itself, not during the initial setup on the computer.
Dutton followed the instructions and typed the phrase into the fake app, sending his login information to the criminals. After that, they didn’t need any further action from him to steal his Bitcoin. Knowing the seed phrase gave them full and permanent access to all the funds in his wallet, even without the physical device.
I was able to track the 5.92 BTC that was stolen, and it appears all of it was laundered through deposit addresses on the KuCoin exchange, as shown in the following transactions:
Okay, so I’ve been looking into this long string of characters – it’s a hash, basically a digital fingerprint. It seems to be related to a transaction on the blockchain, probably Bitcoin or Ethereum. It’s how the network verifies the authenticity and integrity of the data. It’s a bit technical, but it confirms a specific piece of information hasn’t been tampered with. As an investor, it’s reassuring to see these confirmations happening, as it shows the network is secure and reliable. I’m tracking it to ensure my transactions are valid and haven’t been altered in any way.
— ZachXBT (@zachxbt) April 12, 2026
ZachXBT’s investigation found nine transactions sending the 5.92 BTC to KuCoin deposit addresses. This is a common tactic used in similar scams – criminals use exchanges with weaker security checks to quickly convert stolen cryptocurrency into funds they can access.
When the hack happened, the stolen crypto was worth around $420,000, calculated using a Bitcoin price of about $70,955. As of today, KuCoin still hasn’t said anything publicly about where the stolen funds ended up. I was relieved to hear from Dutton that this wasn’t a problem with the Ledger hardware itself, but instead a clever social engineering attack using a fake app. That’s a big difference because it changes how I think about protecting my crypto – it’s less about the device and more about being careful about what apps I connect to my wallet.
App Store Review Failures and the Recurring Scam Wallet Attack Surface
This isn’t the first instance of a fake Ledger app making it past app store security checks. Back in 2023, a fraudulent Ledger Live app on Microsoft’s app store allowed attackers to steal almost $600,000 in Bitcoin from several people before it was taken down.
In early 2025, Moonlock, a cybersecurity company, discovered malware targeting Mac computers. This malware secretly swapped out the real Ledger Live app with a fake version, tricking users into entering their sensitive recovery phrase (seed phrase) through a deceptive interface. This type of scam – where a fake app is delivered via app stores or downloads, captures the seed phrase, and then quickly steals funds – has been happening for years across different platforms and hasn’t been effectively stopped.
Ledger has always publicly stated that its software is only available on its official website, ledger.com. They also emphasize that a genuine Ledger app will *never* ask you for your recovery phrase on any computer or phone.
it seems Apple does not want people documenting the fact they allow fake apps on the App Store.
— ZachXBT (@zachxbt) April 12, 2026
As a crypto investor, I’m really concerned about fake apps showing up in the App Store when I search for Ledger. It’s unsettling because you trust Apple to check these apps, but it seems their system isn’t great at spotting apps that *look* like legitimate hardware wallet interfaces. The problem isn’t that these fake apps have viruses – it’s that they trick you with a convincing user interface into giving up your sensitive information. Apple’s checks seem focused on whether an app *works* and follows the rules, not whether it’s pretending to be something it’s not.
Crypto users who manage their own wallets need to be aware that increasingly complex theft schemes are being used against them. These schemes often involve tricking people through social engineering, combined with the use of seemingly legitimate platforms like app stores and realistic-looking software. Unfortunately, these threats are not becoming less common – the ways criminals can target you are actually expanding.
EXPLORE: Best meme coins to watch – CoinSpeaker’s updated rankings
Read More
- Surprise Isekai Anime Confirms Season 2 With New Crunchyroll Streaming Release
- The Super Mario Galaxy Movie: 50 Easter Eggs, References & Major Cameos Explained
- 10 Best Free Games on Steam in 2026, Ranked
- Starfield (PS5) Review – A Successful Cross-Console Voyage
- Preview: Sword Art Online Returns to PS5 as a Darker Open World Action RPG This Summer
- All 7 New Supes In The Boys Season 5 & Their Powers Explained
- ‘Project Hail Mary’: The Biggest Differences From the Book, Explained
- Frieren: Beyond Journey’s End Gets a New Release After Season 2 Finale
- Welcome to Demon School! Iruma-kun season 4 release schedule: When are new episodes on Crunchyroll?
- Skate 4 – Manny Go Round Goals Guide | All of the Above Sequence
2026-04-13 15:11