A fraudulent application masquerading as Ledger Live has led to significant theft of cryptocurrency from users, with investigations revealing a total loss exceeding $9.5 million across more than 50 victims. The fake app, available in the Mac App Store, allowed perpetrators to steal various digital assets, including Bitcoin, Solana, XRP, and USDT, from unsuspecting users between April 7 and April 13, when it was taken down.
Blockchain investigator ZachXBT reported that the funds were subsequently laundered through over 150 KuCoin deposit addresses associated with a centralized mixing service known as AudiA6, which is notorious for charging steep fees to wash illicitly acquired funds. Notably, at least three victims suffered losses surpassing $1.95 million each, with one wallet alone being drained of a staggering $3.27 million in USDT.
Among those affected was musician G. Love, also known as Garrett Dutton, who lost 5.92 BTC, valued at around $447,000. He recounted his experience on social media, explaining how he inadvertently downloaded the malicious app while transitioning his Ledger to a new computer. Expressing his distress, he stated, “I had a really tough day today. I lost my retirement fund in a hack/scam… All my BTC gone in an instant.”
ZachXBT relayed via social media that he was able to trace the stolen Bitcoin, confirming that it had been laundered through transactions linked to KuCoin. Despite the gravity of the situation, the fake application remained in the App Store for an additional two days after the initial reports of the theft emerged.
Apple has not yet provided a comment on the incident. However, after the stolen funds were traced to its platform, KuCoin’s support responded to G. Love, noting that they had frozen a suspicious account associated with the theft. They highlighted that while they could assist in freezing accounts upon receiving credible complaints, such actions are contingent upon legal protocols.
ZachXBT also pointed out an uptick in illegal activities on KuCoin, hinting at the exchange’s previous regulatory challenges, including a $14 million anti-money laundering fine imposed by Canadian authorities.
The proliferation of fake applications and phishing schemes remains a significant concern for Ledger users. According to the company’s dedicated campaign page, such tactics—including counterfeit calls, emails, and letters—are common threats. In a recent case, the U.S. Attorney’s Office for the District of Connecticut managed to recover $600,000 worth of stolen cryptocurrency tied to a fraud scheme involving deceptive letters that appeared to be from Ledger.
As of now, Ledger has not publicly addressed the latest phishing campaign or responded to inquiries regarding the fraudulent application.


