Fake Ledger App on Mac App Store Drains $9.5 Million in Crypto
A fake version of the Ledger Live app quietly stole over $9.5 million in cryptocurrency from more than 50 people—including musician G. Love—before Apple pulled it from the Mac App Store. If you’ve ever trusted an app just because it’s in an official store, this story shows why even that isn’t always safe.
How a Fake App Fooled Real Users
Ledger is a well-known company that makes physical “hardware wallets”—small devices that securely store digital assets like Bitcoin offline, away from hackers. To manage those assets, users often download Ledger Live, the company’s official software. But last week, a convincing counterfeit of that app appeared in Apple’s Mac App Store.
The fake app looked nearly identical to the real one. Once installed, it asked users to connect their Ledger device and enter their recovery phrase—a string of 12–24 words that acts like a master key to all their crypto. Sharing that phrase with any app or website instantly gives away full control of your funds.
Think of your recovery phrase like the combination to a home safe. If someone tricks you into typing it into a fake bank app, they can empty your safe—even if the app looks legit.
Victims Lost Everything in Minutes
Among those affected was Garrett Dutton, known as G. Love, who lost about $447,000 worth of Bitcoin. He’d just switched to a new computer and, assuming the App Store only hosts trustworthy apps, downloaded what he thought was Ledger Live. In seconds, his entire crypto stash vanished.
Blockchain investigator ZachXBT traced the stolen funds and found:
- Over $9.5 million total was taken across Bitcoin, Solana, XRP, and USDT.
- One victim lost $3.27 million in stablecoins alone.
- At least three people each lost more than $1.95 million.
The thieves quickly moved the money through over 150 deposit addresses linked to KuCoin, a crypto exchange, using a service called AudiA6 that mixes stolen funds with others to hide their origin—similar to how someone might launder cash by running it through multiple businesses.
Why Was This App Allowed on the App Store?
Apple’s App Store has strict review guidelines, but scammers are getting better at slipping through. The fake Ledger app used similar branding, correct spelling, and mimicked real features well enough to pass initial checks. It stayed live for nearly a week—from April 7 to April 13—before being removed.
This isn’t the first time Ledger users have been targeted. The company warns that phishing attacks often come through fake apps, emails, phone calls, or even letters that look official. Last year, U.S. authorities recovered $600,000 in crypto stolen via fake Ledger mailings.
What Does This Mean for Regular People?
You don’t need to own crypto to learn from this: trust isn’t guaranteed just because something comes from a big platform like Apple. Always double-check URLs, app publishers, and never, ever type your recovery phrase into any software—real Ledger apps will never ask for it.
If you use a hardware wallet:
- Only download software directly from the official company website (ledger.com), not app stores.
- Bookmark the real site to avoid typos.
- Treat your recovery phrase like a password you never share—not even with tech support.
Key Takeaways
- A counterfeit Ledger Live app on the Mac App Store stole $9.5 million in crypto from over 50 users.
- Victims included public figures like musician G. Love, who lost nearly half a million dollars.
- The scam worked by tricking users into entering their private recovery phrase—the ultimate key to their digital assets.
- Stolen funds were rapidly laundered through KuCoin using mixing services to obscure their trail.
- Even trusted app stores aren’t immune to sophisticated fakes; vigilance is essential.
— Editorial Team