Fake Ledger app on Mac App Store steals 5.92 BTC after seed phrase entry
A Fake Ledger app distributed via Apple’s Mac App Store reportedly stole 5.92 BTC (about $424,000) from musician G. Love after he installed it while migrating his Ledger wallet to a new Mac. Instead of the legitimate Ledger Live app, the impostor prompted him to type his 24-word recovery phrase. Shortly after entry, his Bitcoin balance was drained.
On-chain investigator ZachXBT traced the flow as the funds moved through multiple deposit addresses allegedly linked to KuCoin, with rapid transfers that can hinder recovery. The report also claims KuCoin lost its MiCA license from European authorities about three months after approval.
Ledger warned users not to download Ledger software from app stores and reiterated that seed phrases must never leave the physical Ledger device. Security guidance from Beau (Pudgy Penguins’ security lead) echoed the same rule: never input a seed phrase into any internet-connected app or site, even if it claims to be a recovery or update.
For crypto traders: this is a high-confidence phishing scenario. While the event is unlikely to change market fundamentals, it reinforces operational risk controls for BTC self-custody and wallet-management workflows—especially on macOS.
Neutral
This report centers on a specific phishing theft of BTC via a Fake Ledger app on macOS. There is no indication of a protocol or exchange-wide failure that would directly affect BTC liquidity or settlement. In the short term, the incident may marginally influence sentiment among self-custody users and spur caution-driven withdrawals from risky wallet-installation channels, but it is unlikely to move BTC price materially on its own. Over the longer term, the repeated enforcement of seed-phrase handling best practices and app-source warnings (only from ledger.com/physical device workflows) can reduce the likelihood of similar losses, though it does not change BTC’s market fundamentals. Net effect on BTC price impact is therefore neutral.