A fake version of Ledger Live made it onto Apple's Mac App Store and siphoned $424,000 in Bitcoin from musician G. Love. The incident is part of a broader phishing campaign that has netted $9.5 million from more than 50 victims, according to sources familiar with the matter.
How the fake app worked
The counterfeit app posed as the legitimate Ledger Live wallet management software. It likely tricked users into entering seed phrases or private keys, giving attackers full control over their funds. G. Love discovered the theft when he noticed the missing Bitcoin. The app was available for download on the Mac App Store, bypassing Apple's usual review process.
A $9.5 million campaign
The larger phishing campaign has affected over 50 victims, totaling $9.5 million in losses. That suggests a sophisticated operation targeting crypto users specifically. The attackers appear to have used multiple fake apps and websites to lure victims. The scale of the theft indicates this wasn't a one-off mistake — it's an organized effort.
Apple's App Store review under scrutiny
The fact that a fake app passed Apple's review process raises questions about the security of the Mac App Store. This isn't the first time malicious software has slipped through. Apple has faced criticism before for allowing scam apps, but a crypto wallet clone is particularly dangerous. The company hasn't commented on the specific app removal yet.
What Ledger users should do
Ledger has repeatedly warned users to only download Ledger Live from the official Ledger website. Verify the app's digital signature before installing. Never enter your seed phrase into any software — a legitimate wallet will never ask for it. If you've used a fake app, move your funds to a new wallet immediately. The investigation is ongoing, and more victims may come forward.




