A fraudulent Ledger Live application distributed through Apple's Mac App Store stole 5.9 Bitcoin worth $424,000 from musician G. Love, part of a phishing campaign that drained more than $9.5 million from over 50 victims.
"I lost the coins in an instant," Dutton wrote on X, where he has 67,500 followers, adding that the incident was "my own damn fault for not being more diligent."
Blockchain investigator ZachXBT traced the stolen funds to deposit addresses linked to crypto exchange KuCoin across nine separate transactions, according to a post on Telegram. The fake Ledger Live app had been available on Apple's official Mac App Store before its removal. Apple did not respond to a request for comment.
The incident highlights persistent risks in self-custody, where users who hold their own private keys face direct exposure if those keys are entered into malicious software, regardless of how legitimate the interface appears. The U.S. Federal Bureau of Investigation reported Tuesday that Americans lost more than $11 billion to crypto-related incidents in 2025, up from $9 billion the prior year.
Dutton, known professionally as G. Love, said he had accumulated the Bitcoin over roughly ten years as a retirement fund. He downloaded the malicious software on a new Apple MacBook Neo but did not specify which link he used to access it.
Fake Ledger Live apps have been used in similar attacks since at least 2023. That year, a counterfeit version on Microsoft's App Store resulted in nearly $600,000 in Bitcoin losses across multiple victims. Microsoft acknowledged that the app had bypassed its review process and removed it shortly after.
In April, a separate fraudulent Ledger app briefly appeared on Apple's App Store and stole approximately $9.5 million from more than 50 victims after convincing users to enter their recovery phrases, according to blockchain investigators.
ZachXBT has previously criticized hardware wallets as unsuitable for securing large cryptocurrency holdings, calling Ledger the worst among major providers. In a recent Telegram post, he described current hardware wallets as "complete garbage" for critical crypto operations and recommended using a dedicated iPhone exclusively for crypto management instead. He did not claim that Ledger's private-key protection had been compromised or that users faced an immediate technical security threat.
Ledger continues promoting hardware wallets as a secure method for keeping private keys offline and isolated from internet-connected devices. The company has also released regular software updates focused on security improvements and bug fixes.
This article is for informational purposes only and does not constitute investment advice.