Fake Ledger Live App on Apple’s App Store Stole $9.5M in Crypto

The emergence of a fake Ledger Live application on Apple’s macOS App Store illustrates how cybercriminals exploit gaps in official distribution channels. By masquerading as a legitimate wallet manager, the malicious app lured users into entering their seed or recovery phrases, instantly granting thieves full control over assets on multiple blockchains. Within a matter of days, the scheme drained roughly $9.5 million from 50 victims, with individual losses ranging from $1.95 million to $3.23 million. The attackers then dispersed the crypto through over 150 KuCoin deposit addresses, employing the AudiA6 mixing service to obscure the trail before the exchange froze the accounts.

For crypto holders, the episode is a stark reminder that the security of digital assets hinges on more than just strong private keys. Even reputable hardware wallet brands like Ledger can be compromised indirectly when users download unofficial software. Ledger’s official macOS client is hosted exclusively on its website, yet the allure of a convenient App Store download proved too tempting for some. Past incidents, such as a similar Microsoft Store scam that netted $768 000 in 2023, show a pattern of threat actors targeting platform ecosystems where verification processes may lag behind rapid release cycles. User education—emphasizing verification of publisher IDs and the dangers of sharing seed phrases—remains a critical defense layer.

Regulators and exchanges are also feeling the pressure. KuCoin, already fined $300 million in the United States for AML violations, acted quickly to freeze the implicated accounts, but the temporary nature of the freeze underscores the need for sustained cooperation with law‑enforcement. The broader industry must tighten app‑store review standards, improve real‑time monitoring of suspicious wallet activity, and promote best‑practice guidelines for seed‑phrase handling. As crypto adoption expands, aligning platform security with traditional financial safeguards will be essential to protect investors and maintain market confidence.