Fake Ledger app on Mac app store scams users out of $9.5 million

As outlined in Bleeping Computer, a malicious application impersonating Ledger Live on macOS has resulted in approximately $9.5 million in cryptocurrency being stolen from 50 victims within a few days.

The fraudulent app, available on Apple's App Store under the publisher name "Leva Heal Limited," tricked users into entering their seed phrases, granting attackers full control of their digital wallets. Blockchain investigator ZachXBT reported that funds were stolen across multiple chains, including Bitcoin, Ethereum, Tron, Solana, and Ripple. The stolen assets were then laundered through over 150 KuCoin deposit addresses linked to a mixing service. Notable losses include three victims losing seven-figure sums and musician G. Love losing 5.9 BTC. The fake app's version history was manipulated to appear legitimate, with major updates released every few days.

Apple has since removed the fake app, but the incident highlights vulnerabilities in app store security and the persistent threat of phishing scams targeting cryptocurrency users. KuCoin, which has faced previous AML violations, has frozen accounts involved, but further action requires law enforcement requests. This event underscores the importance of verifying app sources, as Ledger's official Mac application is available on their website, not the App Store, and similar scams have targeted other platforms like the Microsoft Store.

Source: Bleeping Computer