Fake Ledger App Scam Leads to $9.5M Loss in Cryptocurrency

Severity: High (Score: 66.0)

Sources: BleepingComputer, apps.apple.com, MEXC

Summary

A malicious Ledger Live app for macOS, available on the Apple App Store, has reportedly stolen around $9.5 million in cryptocurrency from 50 victims, including musician G. Love, who lost approximately $420,000. The attackers deceived users into entering their seed phrases, granting them full access to wallets. The scam involved a fake app submitted under the name 'Leva Heal Limited,' which mimicked the legitimate Ledger onboarding process.

Blockchain investigator ZachXBT traced the stolen funds, revealing that they were laundered through over 150 deposit addresses on KuCoin, linked to a mixing service called 'AudiA6.' Apple has since removed the app from the App Store following user reports. KuCoin has frozen the accounts involved in the scheme, but the freeze is temporary and may be lifted after April 20.

This incident highlights the risks associated with unofficial wallet applications and the importance of verifying software sources.

Key Points

  • A fake Ledger Live app on the Apple App Store stole $9.5 million from 50 users.
  • Victims were tricked into entering their seed phrases, allowing attackers full wallet access.
  • The stolen funds were laundered through KuCoin and a mixing service called 'AudiA6.'

Key Entities

  • Malware (attack_type)
  • Phishing (attack_type)
  • T1195 - Supply Chain Compromise (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • Apple App Store (platform)
  • macOS (platform)