Fake Ledger App on Apple Store Drains $9.5M in Week-Long Scam
Zach Anderson Apr 14, 2026 14:53
Over 50 victims lost $9.5M to a fraudulent Ledger Live app on Apple's App Store between April 7-13, with stolen funds laundered through KuCoin addresses.
A counterfeit Ledger Live application listed on Apple's App Store stole approximately $9.5 million from more than 50 victims over just six days, according to blockchain investigator ZachXBT. The fraudulent app, which Apple removed on April 13, tricked users into surrendering their seed phrases—the master keys to their crypto wallets.
The theft spree ran from April 7 through April 13, hitting users across Bitcoin, Ethereum, Solana, Tron, and XRP Ledger networks. Three victims alone accounted for over $7 million in losses: one lost $3.23 million in USDT on April 9, another hemorrhaged roughly $2 million in USDC on April 11, and a third saw $1.95 million in BTC, ETH, and staked ETH vanish.
Funds Funneled Through KuCoin
ZachXBT traced the stolen crypto through more than 150 KuCoin deposit addresses allegedly connected to AudiA6, which he described as a centralized mixing service. The investigator flagged what he called increased illicit activity on the exchange—notable timing given that Austria's regulator banned KuCoin from onboarding new EU users in February, shortly after the platform received its MiCA license.
Neither Apple nor KuCoin had responded to requests for comment at publication. ZachXBT openly questioned whether the incident could support a class action lawsuit against Apple for allowing the malicious app through its review process.
Ledger CTO: Trust Nothing
Ledger's chief technology officer Charles Guillemet didn't mince words about the security implications. The company never asks for 24-word recovery phrases, he emphasized, warning users that official-looking software environments offer no real protection.
"You cannot trust the software environment around you—not your browser, not your app store, not your desktop," Guillemet told Cointelegraph. "Attackers operate wherever the opportunity exists," including platforms users assume are vetted.
The warning comes too late for musician Garrett Dutton, known professionally as G. Love, who disclosed Monday that he lost approximately $420,000 in BTC after downloading what he believed was the legitimate Ledger Live app from Apple's store. His funds also ended up at KuCoin deposit addresses, according to ZachXBT's analysis.
A Recurring Problem
This isn't the first time fake Ledger apps have slipped past major platform gatekeepers. Similar malicious applications appeared on Microsoft's store in 2023, causing substantial losses before removal. The pattern suggests app store review processes remain inadequate for catching sophisticated crypto-targeting malware.
For traders and holders, the takeaway is blunt: hardware wallet seed phrases should never be entered into any application, regardless of where it was downloaded. The only legitimate use for those 24 words is recovering a wallet on a physical Ledger device itself—not in software claiming to be Ledger Live.
With Q1 2026 already seeing $482 million lost to Web3 hacks according to security firm Hacken, this incident adds to what's shaping up as another brutal year for crypto security. Users holding significant assets might want to reconsider whether any hot wallet exposure is worth the convenience.
Image source: Shutterstock.jpg)