A counterfeit Ledger Live app that briefly appeared in Apple's App Store has been linked to at least $9.5 million in stolen crypto, according to CoinDesk, which reported that the campaign hit more than 50 suspected victims between April 7 and April 13.

What is verified

One victim is public. Musician G. Love said on X that he lost 5.92 BTC, describing it as his retirement savings, after downloading what he believed was Ledger's official software while setting up a new computer. Gizmodo separately reported that blockchain investigator ZachXBT traced that theft through a series of transactions into KuCoin deposit addresses.

The broader campaign appears to have targeted users across multiple chains, not just Bitcoin. CoinDesk said the losses spanned Ethereum-compatible networks, Tron, Solana and XRP as well, suggesting the fake app worked as a generic seed-phrase trap rather than a chain-specific exploit.

Why it matters

The notable part is not just the phishing flow, which is familiar, but the distribution channel. Users are trained to treat major app stores as safer than random downloads. That assumption breaks down if a counterfeit wallet app can clear review and prompt victims to enter a recovery phrase.

The conservative lesson is unchanged: Ledger's real setup flow should never normalize typing a seed phrase into software obtained from an app marketplace. Apple appears to have removed the listing, but the losses show how quickly trust in a storefront can turn into a custody failure.