A Ledger App Scam Drains Millions: A Chekhovian Tale

by

Finance

What to know:

  • In a world where virtue wears a glossy icon and gullibility is as common as tea, a fake Ledger Live app crept into the Apple store and sapped at least $9.5 million from more than fifty souls across Bitcoin, Ethereum, Solana, Tron and XRP between April 7-13.
  • The pilfered coins found their way to KuCoin deposit addresses and were tethered to a centralized laundering service known as AudiA6, as if the con had a designer label.
  • Victims confess they entered recovery phrases into the malignant app, as if handing over a key to a locked cabinet with the lock already broken.

A counterfeit Ledger Live, masquerading as the genuine article, spread through Apple’s App Store and left in its wake losses of $9.5 million, while the frightened chorus of victims now speaks of retirement funds wiped out “in an instant.” The world of finance, ever theatrical, provides yet another farce for the stage.

One victim, posting on X under the handle @glove, said he lost 5.9 BTC-his entire decade of savings-after downloading what he believed was the official Ledger app while setting up a new computer.

“I lost my retirement fund in a hack/scam… All my BTC gone in an instant,” he wrote, as if reciting a solemn couplet at a tea-drinking party.

Blockchain investigator ZachXBT traced the stolen 5.92 BTC and showed it being funneled through a sequence of transactions into KuCoin deposit addresses, a pattern that fits a broader laundering scheme uncovered in this affair.

Apple and KuCoin did not respond to requests for comment, which is practically a polite way of saying they’re busy polishing an all-too-modern mirror.

$9.5 million stolen across chains

X user @glove wasn’t alone in his misfortune. The phishing campaign, active from April 7 to April 13, touched more than 50 suspected victims across Bitcoin, Ethereum-compatible networks, Tron, Solana and XRP.

Three of the largest losses were seven-figure sums: $3.23 million in USDT on April 9, $2.08 million in USDC on April 11, and $1.95 million in BTC, ETH and stETH drained on April 8.

As in any familiar tale, the script is simple: victims field the recovery phrase on an app and cede to the intruders access to their wallets, as if handing over a house key to a fool who promised to repair the door but left the door open.

Laundering via KuCoin and ‘AudiA6’

The stolen funds traveled through more than 150 KuCoin deposit addresses and were tied to “AudiA6,” a centralized crypto-mixing service known for charging high fees to cloud the traces of illicit flows.

One cannot help noticing the irony of relying on a centralized exchange to launder funds, especially given KuCoin’s regulatory travails. The exchange was barred from onboarding new EU users by Austrian regulators in February 2026, just after receiving a MiCA license, and previously paid over $300 million to U.S. authorities to settle anti-money laundering violations in 2025.

App Store scrutiny

Apple removed the fake Ledger Live from the App Store, but questions persist about how it ever passed review and how long it lingered in the marketplace, like a rumor that refused to die.

The scale of losses, and the fact that the app appeared in Apple’s official marketplace, could invite legal considerations, with ZachXBT hinting at the possibility of a class-action lawsuit-if there is such a thing as a petition that keeps a straight gaze before a judge.

Rising threat

The incident underscores a threat that has haunted the crypto world for years. In 2025, investors lost about $17 billion to hacks and scams, with social engineering and phishing leading the charge in the theater of misdirection.

For the victims, the damage is done.

“I worked ten years for this,” one voice says. “Be careful out there.”

Read More

2026-04-14 14:29