Crypto Score 32 Bearish

Apple App Store Security Breach Leads to $9.5 Million Crypto Theft

Apr 14, 2026 14:22 UTC
AAPL
Short term

A fraudulent version of the Ledger Live application bypassed Apple's vetting process to steal millions from cryptocurrency users. On-chain analysis links the stolen funds to a centralized mixing service and the KuCoin exchange.

  • Total losses estimated at $9.5 million
  • Malicious app bypassed Apple App Store security
  • Three victims suffered losses exceeding $1.9 million each
  • Funds routed through KuCoin-linked mixer AudiA6
  • Ledger reiterates that recovery phrases should never be shared

An investigation by on-chain analyst ZachXBT has revealed that a malicious impersonation of the Ledger Live app was hosted on the Apple App Store, resulting in the theft of approximately $9.5 million. The fraudulent application targeted users across multiple networks, including Bitcoin, Ethereum, Solana, Tron, and the XRP Ledger, between April 7 and April 13. The incident highlights critical vulnerabilities in official app distribution platforms and the persistent risk of phishing attacks targeting seed phrases. While Apple removed the app on April 13, the breach has raised questions regarding the platform's liability and the effectiveness of its security screening processes.

The theft affected over 50 victims, with three individuals suffering seven-figure losses. Specifically, one user lost $3.23 million in USDT, another lost $2 million in USDC, and a third lost $1.95 million in a mix of BTC, ETH, and stETH. Additionally, musician Garrett Dutton reported a loss of $420,000 through a similar malicious app.

The stolen assets were allegedly laundered through more than 150 deposit addresses on the KuCoin exchange, utilizing a centralized mixing service known as AudiA6. This comes amid increased scrutiny of KuCoin, which was recently banned from onboarding new European Union users.

Ledger's CTO, Charles Guillemet, emphasized that the company never requests 24-word recovery phrases. He warned that users cannot inherently trust the software environments they operate in, including official app stores and browsers, as attackers operate wherever opportunity exists.
