A fraudulent clone of the Ledger Live application stole approximately $9.5 million on Apple’s App Store. The security breach affected more than 50 victims.
The malicious software operated for one week between April 7 and April 13 before Apple removed it. Attackers gained full access to funds across Bitcoin, Ethereum, and Solana blockchains by tricking users into entering secret recovery phrases.
Several individual victims lost more than $1 million each during the incident. Blockchain investigators traced the stolen assets to over 150 deposit addresses at the KuCoin cryptocurrency exchange.
The incident highlights a significant security failure in Apple’s App Store review process. Ledger confirmed its official software is only available on its website and reiterated that it never requests user recovery phrases.