Philadelphia musician G. Love (Garrett Dutton) has lost nearly 6 BTC—worth over $420,000— after falling victim to a sophisticated scam involving a fake Ledger wallet app downloaded from Apple’s App Store, highlighting the growing risks of software-based attacks in crypto.
According to G. Love, the incident occurred while setting up his Ledger hardware wallet on a new computer. After searching for the Ledger Live app in the Apple App Store, he unknowingly downloaded a malicious version that appeared legitimate. The app prompted him to enter his 24-word seed phrase—the master key to his wallet. Once entered, the attacker immediately gained full access and drained his Bitcoin holdings. On-chain investigator ZachXBT later confirmed that approximately 5.92 BTC was stolen and routed through multiple transactions, eventually landing in exchange-linked wallets.
Importantly, this was not a hack of the blockchain or Ledger device itself—it was a social engineering attack. The scam worked by:
Once a seed phrase is exposed, the attacker has complete and irreversible control over the wallet—rendering hardware protections useless.
What makes this case especially alarming is the reported distribution method. The malicious app was allegedly found on the Apple App Store, a platform generally perceived as secure. However, no official statement from Apple has confirmed how the app was listed or how long it remained available, leaving open questions about platform-level security and vetting processes.
Ledger has long warned users that its official software, Ledger Live, should only be downloaded from its official website—not app stores. The company also emphasizes a critical rule in crypto security:
No legitimate service will ever ask for your seed phrase. Entering that phrase anywhere outside the hardware device itself compromises the entire wallet instantly.
This incident underscores a critical vulnerability in crypto today.
The bigger takeaway:
The biggest risk in crypto isn’t always the technology—it’s the user interface layer. As scams become more sophisticated, even trusted platforms like app stores can become attack vectors, making education and vigilance just as important as security tools.
The crypto market is entering the end of an era as CME Group officially launches 24/7 Bitcoin and…
Asset management giant VanEck has officially launched the first-ever U.S. spot ETF tied directly to BNB, the native…
Layer-1 blockchain Sui experienced another major network outage on May 28 after block production and transaction processing…
The Depository Trust & Clearing Corporation (DTCC) has announced plans to connect its tokenization infrastructure to the Stellar blockchain,…
Robinhood is officially entering the “agentic AI” era after unveiling a new beta feature that…
Bitcoin financial services company Fold has officially begun rolling out its long-awaited Bitcoin rewards credit card, allowing…