A fake version of Ledger Live distributed via Apple’s App Store has been linked to at least $9.5 million in crypto theft, with victims now coming forward describing devastating losses, including entire retirement funds wiped out “in an instant.”

One victim, posting on X under the handle @glove, said he lost 5.9 BTC – his entire savings accumulated over a decade – after downloading what he believed was the official Ledger app while setting up a new computer.

“I lost my retirement fund in a hack/scam… All my BTC gone in an instant,” he wrote.

Blockchain investigator ZachXBT later traced the stolen 5.92 BTC, showing it was rapidly funneled through a series of transactions into KuCoin deposit addresses, consistent with a broader laundering pattern identified across the incident.

Apple and KuCoin did not immediately respond to requests for comment.

$9.5 million stolen across chains

X user @glove wasn't the only victim. The phishing campaign, active between April 7 and April 13, impacted more than 50 suspected victims across Bitcoin, Ethereum-compatible networks, Tron, Solana and XRP.

Three of the largest victims lost seven-figure sums, with $3.23 million in USDT being stolen on April 9, $2.08 million of USDC on April 11 and $1.95 million in BTC, ETH and stETH being drained on April 8.

Cases like this typically prompt victims to enter their recovery phrase on an app, giving attackers full access to their wallets.

Laundering via KuCoin and ‘AudiA6’

Stolen funds were routed through more than 150 KuCoin deposit addresses and tied to “AudiA6,” a centralized crypto mixing service known for charging high fees to obfuscate illicit flows.

The reliance on a centralized exchange as a laundering hub is notable given KuCoin’s recent regulatory troubles. The exchange was barred from onboarding new EU users by Austrian regulators in February 2026, just months after receiving a MiCA license, and previously paid over $300 million to U.S. authorities to settle anti-money laundering violations in 2025.

App Store scrutiny

Apple removed the fake Ledger Live app from the App Store, but questions remain about how it passed review and how long it was available.

The scale of losses, coupled with the fact that the app was distributed through Apple’s official marketplace, could expose the company to legal risk, with ZachXBT suggesting the incident may form the basis for a class-action lawsuit.

Rising threat

The incident highlights a persistent threat that has marred the crypto industry over the past few years. In 2025 crypto investors lost around $17 billion to hacks and scams, with social engineering and phishing tactics leading the way in terms of attack vectors.

For victims, the damage is already done.

“I worked ten years for this,” the victim wrote. “Be careful out there.”