A fraudulent app on the App Store at the heart of a massive theft of cryptocurrencies

A fake Ledger Live application that made its way onto the App Store allowed nearly $9.5 million in cryptocurrencies to be stolen in a few days. The attackers behind this operation targeted dozens of users on several major blockchains, exploiting their trust in the store to distribute a counterfeit version of the app. The case highlights the rise of sophisticated fraud and serves as a reminder that even official digital environments can hide threats.


In brief

  • A fake Ledger Live app on the App Store misappropriated approximately $9.5 million in cryptocurrencies.
  • More than 50 victims have been affected across several major blockchains, with individual losses reaching into the millions.
  • The stolen funds passed through more than 150 addresses linked to KuCoin and through a mixer, which complicates tracing them.
  • Ledger reminds users never to blindly trust software environments, even official ones.

Fake Ledger Live infiltrates the App Store and steals $9.5 million

A fake Ledger Live application, which managed to slip into the Apple App Store, helped steal nearly $9.5 million in cryptocurrencies in less than a week. In a message published on Telegram on Tuesday, on-chain investigator ZachXBT indicates that the scam claimed more than fifty victims between April 7 and 13.

The operation hit multiple leading networks, including Bitcoin, Ethereum, Solana, Tron and the XRP Ledger. The damage is particularly heavy for certain victims: three of them account for combined losses of more than $7 million. The on-chain investigator cites in particular the theft of $3.23 million in USDT, around $2 million in USDC, and the loss of $1.95 million in staked assets (BTC, ETH).

Apple removed the fraudulent app on April 13 after it was identified. According to information shared by ZachXBT, the stolen funds were redirected to more than 150 addresses linked to the KuCoin exchange platform. These flows reportedly passed through a service described as a centralized mixer, making them harder to trace. According to the on-chain investigator, this comes amid a recent increase in illicit activity observed on the platform.


Charles Guillemet warns about security and recalls the risks linked to software environments

Charles Guillemet, technical director of Ledger, reiterates essential security rules in a context marked by the increase in cryptocurrency fraud. In a statement given to Cointelegraph, he makes clear that the company never asks users for the 24-word recovery phrase. He emphasizes one key point in particular:

You can't trust the software environment around you — not your browser, not your app store, not your computer — because attackers operate wherever the opportunity presents itself.

Charles Guillemet

He thus emphasizes that even tools that appear official or secure can be compromised. With this in mind, users must remain permanently vigilant against threats capable of infiltrating every level of the digital ecosystem.

In short, this case shows a persistent reality in the crypto ecosystem: even the most reputable exchange platforms are not safe from malicious infiltration. This type of incident reminds us that safety depends above all on individual vigilance. In a rapidly evolving threat environment, it is essential to adopt strict practices, such as protecting your recovery phrase and systematically verifying sources, to limit the risk of compromise.
