Fake Ledger app on Apple stole G. Love 5.92 BTC

Musician G. Love (Garrett Dutton) said a Fake Ledger app passed the Apple Mac App Store review and instantly drained his wallet. He was migrating his Ledger hardware wallet to a new computer when he downloaded what appeared to be the official app. He reported losing 5.92 BTC in seconds, describing the funds as his “retirement fund.” He shared the on-chain transaction hash to verify the theft, and warned others to be careful. Blockchain investigator ZachXBT traced the stolen BTC through nine transactions, moving funds via KuCoin deposit addresses. Ledger’s own security guidance highlights this attack pattern: malicious replicas can trick users into entering the 24-word Secret Recovery Phrase anywhere outside the physical device, granting the attacker full wallet access. The guidance stresses that the recovery phrase should only be entered during hardware setup. The case also raises an App Store vetting concern. Ledger documentation has previously flagged fake Chrome applications as a known attack vector, but this incident shows similar risk can reach the Mac App Store. At the reported time of the theft, 5.92 BTC was valued around $420,000. For traders, this is another high-profile “crypto scam” incident centered on custody and phishing risk, not a protocol or market-structure event.