{"id":71935,"date":"2026-04-15T09:14:58","date_gmt":"2026-04-15T02:14:58","guid":{"rendered":"https:\/\/hbbgroup.net\/fake-ledger-live-app-on-apple-app-store-drained-9-5m-from-victims-zachxbt\/"},"modified":"2026-04-15T09:14:58","modified_gmt":"2026-04-15T02:14:58","slug":"fake-ledger-live-app-on-apple-app-store-drained-9-5m-from-victims-zachxbt","status":"publish","type":"post","link":"https:\/\/hbbgroup.net\/vi\/fake-ledger-live-app-on-apple-app-store-drained-9-5m-from-victims-zachxbt\/","title":{"rendered":"Fake Ledger Live app on Apple App Store drained $9.5M from victims: ZachXBT"},"content":{"rendered":"
\n

Onchain investigator ZachXBT said a fake Ledger Live app listed on Apple\u2019s App Store was tied to about $9.5 million in crypto stolen from more than 50 suspected victims between April 7 and 13.<\/p>\n

In a Tuesday Telegram post<\/a>, ZachXBT said the alleged thefts affected users across Bitcoin, Solana, Tron, XRP Ledger and Ethereum Virtual Machine (EVM)-compatible networks. He claimed the stolen funds were laundered through over 150 KuCoin deposit addresses allegedly tied to AudiA6, which he described as a centralized mixing service.\u00a0<\/p>\n

ZachXBT said the fake app was removed by Apple on April 13 and identified three seven-figure losses among the largest known cases. He said one victim lost about $1.95 million in Bitcoin (BTC<\/a>), staked Ether (stETH) and Ether (ETH<\/a>), another lost $3.23 million in USDt (USDT<\/a>) on April 9, and a third victim lost about $2 million in USDC (USDC<\/a>) on April 11.<\/p>\n

ZachXBT said<\/a> Kucoin had seen an\u00a0increase in illicit activity\u00a0recently, and pointed out that the company had been banned from onboarding new European Union users<\/a> in February, shortly after receiving its Markets in Crypto Assets Regulation (MiCA) license. He also questioned whether the incident presented grounds for a class action against Apple.<\/p>\n

Related: <\/strong><\/em>Counterhacker exposes DPRK unit that made $1M a month working IT jobs<\/strong><\/em><\/a><\/p>\n

Key details, including the total losses, victim count and laundering route, remain based on ZachXBT\u2019s findings and had not been confirmed by Apple or KuCoin at publication. Cointelegraph asked both companies for comment but had not received a response by publication.<\/p>\n

Ledger warns users never to enter seed phrase into apps<\/h2>\n

Ledger chief technology officer Charles Guillemet said in a statement to Cointelegraph that the company never asks users for their 24-word recovery phrase and warned that official-looking software environments<\/a> should not be treated as inherently safe.<\/p>\n

\"Security,
Fake Ledge Live app in the App Store. Source: <\/em>Archive.ph<\/em><\/a><\/figcaption><\/figure>\n

\u201cYou cannot trust the software environment around you \u2013 not your browser, not your app store, not your desktop,\u201d Guillemet said, adding that attackers \u201coperate wherever the opportunity exists,\u201d including official distribution platforms.\u00a0<\/p>\n

Related: <\/strong><\/em>Web3 hacks cost $482M in Q1 as phishing drives majority of losses: Hacken<\/strong><\/em><\/a><\/p>\n

The latest incident follows a smaller but similar case reported on Monday. Musician Garrett Dutton, also known as \u201cG. Love,\u201d said he lost about $420,000 in BTC<\/a> after downloading a malicious app impersonating Ledger Live from Apple\u2019s App Store and entering his seed phrase.\u00a0ZachXBT said the stolen assets were sent to deposit addresses associated with KuCoin.\u00a0<\/p>\n