Ten years of Bitcoin savings. Gone in thirty seconds.
Garrett Dutton — known as G. Love, frontman of G. Love & Special Sauce — lost 5.92 BTC on April 11, 2026. No technical exploit, no Ledger firmware bug. Just a counterfeit app downloaded from the Apple Mac App Store, mistaken for the real thing.
How a Fake Ledger App Drained His Wallet
G. Love was migrating his hardware wallet to a new Apple computer. He searched "Ledger Live" in the Mac App Store, found an app that looked entirely legitimate — correct icons, polished interface, convincing branding. He downloaded it. On first launch, the app asked for his 24-word seed phrase to "restore the device." He typed it in.
At that moment, someone on the other side of the world gained full control of every satoshi he owned.
I had a really tough day today I lost my retirement fund in a hack/Scam when I switched my @Ledger over to my new computer and by accident downloaded a malicious ledger app from the @Apple store. All my BTC gone in an instant.
— G. Love (@glove) April 11, 2026
ZachXBT Traces the Funds to KuCoin
Within hours, on-chain investigator ZachXBT followed the money trail: 5.92 BTC moved across nine separate transactions, all funneled into KuCoin deposit addresses.
"I traced your 5.92 BTC that was stolen — it was all laundered through @kucoincom deposit addresses."
— ZachXBT (@zachxbt), April 12, 2026
Recovery prospects are essentially zero. KuCoin had lost its European MiCA license in February 2026 — just three months after receiving it from Austria — and according to ZachXBT the exchange continues to be exploited by illicit services without adequate intervention. This fits a wider pattern: in 2025, losses from digital signature phishing surged 207%, a warning sign the industry largely ignored.
Apple Silent as Fake Crypto Apps Slip Through Review
The fraudulent app was listed under a third-party developer — not Ledger SAS — yet it cleared Apple's App Store review process. Apple has issued no statement, has not confirmed the app's removal, and according to ZachXBT actively obstructed attempts to publicly document the incident.
"It seems Apple doesn't want people to document the fact that it allows fake apps in its App Store."
— ZachXBT (@zachxbt), April 12, 2026
This is not the first time. In 2023, a fake Ledger app on the Microsoft Store caused nearly $600,000 in losses. Same mechanism, same platform negligence. For US and UK readers, it is worth noting that neither Apple nor Microsoft faces a specific EU-style liability framework for app store fraud — MiCA covers crypto assets, not app marketplaces.
The Rule That Never Changes: Protect Your Seed Phrase
Ledger has stated for years: Ledger Live is only available at ledger.com. Never from an app store. Your seed phrase should only ever be entered on the physical hardware device itself — never inside an app, never in a browser, never on a laptop screen. If any application asks for your 24 words on-screen, it is a scam. Every time.
Beau, head of security at Pudgy Penguins, posted shortly after the news broke: no matter how professional the interface looks, any internet-connected device asking for your 24 words is already compromised.
If you hold a hardware wallet and are unclear on the difference between hot and cold storage, this guide explains where to start. It is not advanced material — it is the foundation.
G. Love closed the episode with rare grace: "It's my fault for not being diligent enough. But let it be a warning. There are so many scams out there."
While X is experimenting with blocking new crypto accounts on first post to curb phishing, incidents like this are a reminder that the real vulnerability is almost never technical. It is human.
