A fake Ledger Live app listed on Apple’s App Store has cost American musician Garrett “G. Love” Dutton roughly $420,000 — about 5.9 BTC — after he installed the malicious program on a new MacBook Neo and was tricked into entering his recovery seed.
Dutton took to X to describe the loss as “a really tough day,” saying the funds disappeared “in an instant.” He added, “I’ve been in the crypto circus since 2017. Today they caught me off guard. It was my own damn fault for not being more diligent. But let it serve as a warning. There’s so many scams.”
On-chain researcher ZachXBT traced the stolen coins to addresses linked to the KuCoin exchange, noting the funds were moved in nine separate transactions. KuCoin responded with a standard customer-service reply, but the transfers highlight how quickly stolen crypto can be funneled to exchanges for cash-out.
This case is the latest example of impersonation scams that continue to plague the space. In 2023 a bogus Ledger app on Microsoft’s store led to nearly $600,000 in losses before Microsoft acknowledged the software had slipped past its internal review process. Meanwhile, the FBI reports crypto-related losses in the U.S. rose to $11 billion in 2025, up from $9 billion the year before — indicating scams are both growing and diversifying.
Offline attacks have followed the same playbook. Researchers and reporters have documented fraudsters using leaked contact data to send convincing physical letters to Ledger and Trezor customers. These letters — printed on forged letterhead and often bearing urgent deadlines (for example, “mandatory authentication check” requests with deadlines such as Feb. 15, 2026) — push recipients to scan QR codes that lead to malicious sites. Victims who enter their 12–24 word recovery phrases on those sites immediately hand control of their wallets to attackers, who leverage backend APIs and exchange flows to seize and move assets.
Both Ledger and Trezor have faced scrutiny over the exposure of user contact information in past breaches, a vulnerability these mail-based campaigns exploit.
What this means for users
- Never enter your recovery phrase into an app or website. Ledger, Trezor and other hardware-wallet providers do not ask for a seed phrase via software or email.
- Download wallet manager apps only from official vendor websites and verify developer details in app stores.
- Use hardware wallets with caution: confirm firmware and app legitimacy, and consider isolating devices that hold long-term savings.
- Monitor on-chain movements of your assets where possible and report suspicious transactions to exchanges and law enforcement quickly.
The G. Love incident is a stark reminder that scams are evolving to combine digital and physical vectors, and that even experienced crypto users can be targeted. Vigilance, verified sources, and basic operational security remain the best defenses.
Read more AI-generated news on: undefined/news
