A counterfeit version of the Ledger Live app, distributed through Apple’s App Store, has been implicated in a theft involving at least $9.5 million worth of cryptocurrency. Victims are reporting significant financial losses, including entire retirement savings being erased almost instantly.
One affected individual, identified on X as @glove, recounted losing 5.9 BTC—his life’s savings over ten years—after mistakenly downloading what appeared to be the official Ledger app while setting up a new computer.
“I lost my retirement fund in a hack/scam… All my BTC gone in an instant,” he lamented on X.
Blockchain expert ZachXBT later tracked the stolen 5.92 BTC, revealing it was swiftly transferred through various transactions to KuCoin deposit addresses, aligning with a larger laundering scheme observed during this incident.
Requests for comment from both Apple and KuCoin have gone unanswered.
@Glove is among numerous victims affected by this phishing operation, which ran from April 7 to April 13. Over 50 suspected victims were impacted across cryptocurrencies like Bitcoin, Ethereum-compatible tokens, Tron, Solana, and XRP.
Three major losses involved seven-figure amounts: $3.23 million in USDT was stolen on April 9, $2.08 million of USDC on April 11, and a combination of BTC, ETH, and stETH totaling $1.95 million drained on April 8.
Typically, such scams trick victims into entering their recovery phrase within the app, granting attackers full access to their wallets.
The stolen funds were dispersed through more than 150 KuCoin deposit addresses and linked to “AudiA6,” a centralized crypto mixing service known for its high fees aimed at masking illicit transactions.
The utilization of a centralized exchange as a laundering conduit is particularly notable given KuCoin’s recent regulatory issues. The exchange was prohibited from enrolling new EU users by Austrian regulators in February 2026, shortly after obtaining a MiCA license, and had previously agreed to pay over $300 million to U.S. authorities for anti-money laundering violations in 2025.
Apple has since removed the fraudulent Ledger Live app from its App Store, but questions linger regarding how it managed to pass review and remain available for so long.
The magnitude of the losses, combined with the distribution via Apple’s official platform, raises potential legal concerns for the company. ZachXBT suggested that this incident might serve as grounds for a class-action lawsuit.
This event underscores a continuing threat in the crypto sector. In 2025 alone, approximately $17 billion was lost to hacking and scams within the industry, with social engineering and phishing being prominent attack methods.
For those affected, the damage is already severe.
“I worked ten years for this,” one victim expressed. “Be careful out there.”