A fake Ledger Live app on Apple’s App Store has cost American musician Garrett “G. Love” Dutton roughly 5.9 BTC — about $420,000 — after the artist downloaded the malicious program onto a new MacBook Neo and was tricked into entering his seed phrase.
What happened
- Dutton posted on X that the fraudulent app, which impersonated Ledger’s desktop manager, prompted him to provide his recovery words. Within minutes the funds were gone, wiping out almost a decade of retirement savings. “I had a really tough day,” he wrote. “I been in the crypto circus since 2017. Today they caught me off guard. It was my own damn fault for not being more diligent. But let it serve as a warning. There’s so many scams.”
- On-chain researcher ZachXBT traced the stolen BTC through nine transactions to addresses tied to the KuCoin exchange. KuCoin acknowledged the report with a routine customer-service reply, but the move of funds to a major exchange highlights how quickly stolen crypto can be laundered.
Wider implications
- This incident underscores an ongoing threat: malicious impostor apps slipping into major app stores. In 2023 a similar fake Ledger app appeared on Microsoft’s store and was used to steal nearly $600,000 before the company admitted the software had bypassed its review process.
- The FBI warns these scams are increasing. U.S. crypto-related losses climbed to $11 billion in 2025, up from $9 billion the previous year, driven by phishing, fake apps, rug pulls and other frauds.
Physical phishing campaigns, too
- Attackers have also targeted hardware wallet owners with highly realistic postal phishing. Using contact details leaked in past data breaches, scammers have mailed forged letters on fake Ledger and Trezor letterheads demanding a “mandatory authentication check” and imposing tight deadlines (one cited date: Feb. 15, 2026).
- Recipients who scan included QR codes are sent to malicious sites that request 12–24 word recovery phrases. Once entered, attackers leverage backend APIs to seize wallets. These campaigns rely on exposed contact information, and both Ledger and Trezor have faced scrutiny over the security of customer data.
Takeaway
- The G. Love theft is a stark reminder: never enter your seed phrase into software or web pages, and verify apps and downloads through official vendor sites. If you suspect theft, act quickly — traceable on-chain movements can accelerate laundering, and reporting to exchanges and law enforcement as soon as possible improves the chance of recovery.
This case adds to a mounting list of high-profile losses tied to impersonation and phishing, reinforcing the need for stronger app-store safeguards and better user education across the crypto ecosystem.
Read more AI-generated news on: undefined/news
