{"id":45387,"date":"2026-04-15T01:20:44","date_gmt":"2026-04-14T17:20:44","guid":{"rendered":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/04\/15\/fake-ledger-live-app-on-apples-app-store-stole-9-5m-in-crypto\/"},"modified":"2026-04-15T01:20:44","modified_gmt":"2026-04-14T17:20:44","slug":"fake-ledger-live-app-on-apples-app-store-stole-9-5m-in-crypto","status":"publish","type":"post","link":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/04\/15\/fake-ledger-live-app-on-apples-app-store-stole-9-5m-in-crypto\/","title":{"rendered":"Fake Ledger Live app on Apple\u2019s App Store stole $9.5M in crypto"},"content":{"rendered":"\n

\"Fake<\/p>\n

A malicious Ledger Live app for macOS available from Apple’s App Store has drained approximately $9.5 million in cryptocurrency from 50 victims in just a few days this month.<\/p>\n

Users who downloaded the fake Ledger app were tricked into entering their seed\/recovery phrases, thus giving attackers full access to their wallets and allowing them to send digital assets to external addresses under their control.<\/p>\n

According to blockchain investigator ZachXBT<\/a>, the attackers used several wallet addresses<\/a> to receive funds across multiple chains, including Bitcoin, Ethereum, Tron, Solana, and Ripple.<\/p>\n

\"Fake<\/a> <\/div>\n

The stolen amounts were then laundered through more than 150 deposit addresses on KuCoin, linked to a centralized mixing service called “AudiA6,” which launders crypto in exchange for high fees.<\/p>\n

\n
\"Fake
Malicious transactions<\/strong>
Source: ZachXBT<\/em><\/figcaption><\/figure>\n<\/div>\n

The investigator tracked three individual victims losing seven-figure amounts ($3.23 million, $2.08 million, and $1.95 million) between April 8 and April 11.<\/p>\n

Musician G. Love stated on X that he also lost 5.9 BTC (currently $430k) after downloading the app. This loss was also traced and confirmed by ZachXBT.<\/p>\n

\"Fake<\/a><\/p>\n

According to a Reddit discussion<\/a>, the fake app was submitted to the Apple App Store under the publisher name ‘Leva Heal Limited,’ an account not associated with the real Ledger development team.<\/p>\n

The malicious actor also created a fake version history by releasing major new versions every few days, going from 1.0 to 5.0 within just two weeks.<\/p>\n

\n
\"Fake
Details of the fake Ledger app<\/strong>
Source: Reddit<\/em><\/figcaption><\/figure>\n<\/div>\n

Following multiple user reports, Apple has now removed the fake app from the App Store, but not before 50 users lost a total of $9.5 million.<\/p>\n

BleepingComputer has reached out to Apple for a comment, but we have not received a response yet.<\/p>\n

Meanwhile, KuCoin, which has been accused of violating anti-money laundering laws<\/a> in the past and was even ordered to pay $300 million in penalties<\/a> in the U.S. last year, announced that it has frozen the accounts<\/a> involved in the latest scheme.<\/p>\n

However, the platform noted that the freeze will only last until April 20. Beyond that date, the freeze can be extended via an official request from law enforcement authorities.<\/p>\n

It is important to note that Ledger offers a Mac app<\/a> on its website, but not in the Apple App Store, where only an iOS-compatible version is available<\/a>.<\/p>\n

Threat actors have attempted to exploit this availability gap<\/a> again in the past, even targeting the Microsoft Store in 2023, stealing $768,000<\/a> worth of cryptocurrency.<\/p>\n