Apple has taken decisive action by removing a sophisticated fake Ledger app from its App Store after it tricked users into revealing their seed phrases, resulting in staggering losses of $9.5 million for more than 50 cryptocurrency investors in just days.
The malicious application, which closely impersonated the official Ledger Live self-custody wallet, was developed under the name “SAS Software Company.” Apple confirmed the app’s removal and the developer’s account termination following reports from on-chain analysts.
Two reviews and fake feature updates for the counterfeit Ledger Live app before it was removed from the Apple App Store. Source: Archive.ph
How did the fake Ledger exploit happen?
The scam was conducted by making the application seem genuine at the start, but in the end, it made the users give out their recovery codes, which was a standard part of the process.
According to blockchain analysis conducted by ZachXBT, the scammers’ operation took place from April 7 to 13, with the app stealing cryptocurrency from different users. The worst-hit were just a few bigger wallets that lost more than $3.23 million worth of USDT, about $2 million worth of USDC, and almost $1.95 million worth of Bitcoin, Ethereum, and staked Ethereum.
Your completely free resource hub designed to boost your knowledge of cryptocurrencies
One notable victim is musician Garrett Dutton, widely known as G. Love. He openly shared that he lost approximately $420,000 in Bitcoin, funds he had carefully built over years, after downloading what he believed was the genuine Ledger Live app on a new device.
Like so many others, Dutton entered his seed phrase when prompted, instantly handing over full control of his wallet to the attackers. The funds were quickly distributed through several addresses, rendering them irretrievable.
The fake Ledger application took a very common path that had been previously used in other scams within the App Store. The scammers tend to start off by sending seemingly innocuous versions of an app that get updated later into something completely different. Such problems have existed on the App Store for years; there was a case of a fake Pokémon Yellow application in 2013.
This latest scam involving Ledger is a warning sign of the risks that people face within the cryptocurrency world, especially on platforms like the App Store, which are heavily regulated. Although Apple’s system is constantly tightening and now rejects tens of thousands of applications every year due to spamming or fraud, scammers are not relenting.
Security Experts Emphasize a Core Principle For Anyone in Crypto
This incident also highlights a broader problem on tech platforms. In late 2023, similarly deceptive scams targeting Ledger wallet-style crypto theft managed to get through Microsoft’s app store verification procedure and resulted in more than half a million dollars worth of stolen cryptocurrencies.
According to the FBI’s most recent data, crypto scams in the US led to total losses exceeding $11 billion in 2025. It is much higher compared to the preceding year and is done through phishing scams, malware applications, and social engineering tricks.
In their professional opinion, you should never share your seed phrase with any website or application unless you are completely confident about its authenticity.Providing this phrase through a scammy Ledger wallet or similar tool leads to inevitable loss of funds. There is no way back once a hacker gains access to the funds through blockchain-based transactions.
While Apple’s fast reaction in taking down the fake Ledger is encouraging, it raises some discussion about reviewing applications. Until the app store review process gets better, however, one should take individual security measures such as bookmarking trusted websites and not succumbing to entering recovery phrases under any circumstances.
