So I came across some news today about this musician G.love (@glove on X) who got rekt for 5.96 BTC after he downloaded a fake Ledger wallet on his Mac from the App Store.
Not sure how accurate this info is, but ZachXBT said he tracked the coins, and they ended up being laundered through KuCoin. If you wanna read more, there's a post on X that discusses it.
It's a reality check that these companies don’t really take responsibility for your losses, even if they let fraudulent apps slip into their stores. Just accept that already.
So, before you grab any self-custody wallet, make sure you’re downloading it from their official website. Go directly there and check if they have an app for your OS. If they do, they should guide you to the right download link. Doing it this way helps you confirm the wallet’s legit for your device instead of relying on random searches in the store. If there's any option for extra verification, definitely check the authenticity before you enter your seed phrase.
This isn’t the first time someone’s fallen for a scam like this, and sadly, it won't be the last. Don’t make the mistake of thinking that Electrum has an official wallet for iOS, or that Sparrow has a mobile wallet, or any other similar scenarios.
Check wallet availability before downloading from app stores
19 replies 233 views
I can't say anything to the person but, f*ck.
Can't blame people on how things happened to them due to the lack of knowledge and i guess common sense as well. That's why it's very important to read and follow instructions from official sources. Also, how the user think of putting his seed passphrase on ledger live or any hardware wallet, even it says it shouldn't in any warnings, posts and notes, everywhere, i guess it's a very important knowledge, say very important common sense.
What makes it confusing is that they have the iOS version available in the AppStore, but the Mac/desktop version is only available via direct download on their official website. This has been a concern by users for a while now, and here's another recent case -- How I lost over $1M after installed Ledger Wallet from App Store
I guess he felt reassured that the app was legit since he downloaded it from the AppStore, but little did he know that it was fake. This is a very expensive lesson for him.
boss_wizardSenior Member
Posts: 270 · Reputation: 1192
#4Jan 10, 2026, 08:26 PM
Damn really sorry for him, but the App Store for mac is indeed sketchy. There are a lot of softwares in the market published by individual publishers trying to impersonate big app name.
I even prefer to use brew installation than apple's App Store for mac and was never a fan of the App store.
Never ever trust anything even if it's coming from App Store and only download from their official website. 6 BTC is not a joke at all to lose to something so trivial like that.
Ledger hardware wallet or Electrum SPV wallet, people must learn basics for downloading and verifying wallets rightly before installation and using it for storing their bitcoins.
Don't believe in any notification for wallet upgrades.
Visiting and downloading wallet softwares from official websites.
Verifying its PGP signature.
Officially visit websites & download apps, not fake ones.
[GUIDE] How to Safely Download and Verify Electrum.
The paranoid user's security guide for using Electrum safely.
How To Verify the Downloaded Version of Ledger Live.
Electrum vulnerability allows arbitrary messages, phishing.
quantumninjaFull Member
Posts: 210 · Reputation: 581
#6Jan 11, 2026, 02:13 AM
I remember the days when they claimed mac os was very secure and there were almost no viruses for it. Times have changed. If you can buy a macbook, you have something to steal. This encourages the creation of malicious apps.
Risk diversification? No, why bother. Of course, it's better to keep all your crypto in one wallet (the same seed phrase), and with almost 6 BTC, you obviously don't have the money to buy several more HW devices.
I believe they should be held accountable for this apps they add to their store. And, of course, they should thoroughly check these apps before publishing them. Otherwise, what's the point of having a store at all? Malicious apps disguised as useful apps can be downloaded directly from the app store.
If they want to preserve their store's user base, they should be held accountable (not publishing infected apps, and if they do and these actions result in user losses, they should compensate them).
If App Stroe can't ensure the safety of apps on its platform, then what's the point of this store at all? What's the point of such a useless intermediary? You should download directly from the manufacturer.
I'm a little confused as to how his bitcoins was stolen? His case description only mentions installing a new app, not entering the seed phrase on the device. Malware couldn't have stolen his bitcoin without him pressing a button on hardware wallet.
It is never a good idea to look for a wallet in a store, you should choose a wallet directly by looking at the website!
Such incidents often discourage users from crypto, especially those who do not know much about technology but are interested in Bitcoin!
Sometimes, competitors of an exchange spread such news to disrupt another exchange, where the name of the exchange is attached.
Whether this incident is true or not, there are some practical rules for using such security filter stores, such as verifying any crypto transaction multiple times and in a different way on any new store or tool!
It should be understood that not all wallets will be available everywhere, if they are not supposed to be there, then that is very suspicious!
Sadly, it was due to his own lack of diligence. According to the article shared by OP, he was prompted by the app to enter his seed phrase. After that, all of his bitcoins were immediately stolen.
He also confirmed this in one of his posts on X.
https://x.com/glove/status/2043052528166699513
basedmatrixFull Member
Posts: 55 · Reputation: 269
#9Jan 11, 2026, 02:55 PM
Shit happens if they lower down their guard.
What happen to that musician is another good example for people to pay serious attention, when we talk about wallet security also verifying the legit sources or apps that we are trying to download.
There are so many fake apps out there and we need to verify for many time if what we are grabbing is legitimate or not. If people will continue to ignore those warnings and lazy to check first this situation might gonna happen to those people.
This is one major reason why it is better to go to the official site platform and download the application. Though there is still a risk of hijacking, it is much less than downloading apps from third party platform.
I feel sorry for the victim, but there is nothing to do here unless the person is willing to spend money to track the person involved; however, there is little chance that he can get back his money when that person is identified and apprehended.
Hopefully, this kind of story will give other holders a warning and a lesson to verify everything and, as much as possible, download only from the official site.
I also don't know how possible it is to fall in the hands of this hackers that we still our asset from us by downloading our wallet from the app store, but as I will suggest on the possible best way to secure ourselves and also download from the right source without any doubts, we should always consider going directly to the website of that intended wallet and download directly from them without going through any party because anything can happen at the course.
jake.chainSenior Member
Posts: 280 · Reputation: 1307
#12Jan 12, 2026, 12:02 AM
I am surprised Apple has allowed fake apps. They are notorious for security checks. There are apps you can download on android but not on Apple store because that is how strict Apple is. Does Apple need more time to update their security regarding crypto related apps? It's high time they catch up with the rest of the world because there would be many customers wanting to download more crypto related apps.
cryptolordFull Member
Posts: 88 · Reputation: 316
#13Jan 13, 2026, 06:23 AM
What makes me a bit surprised is how Ledger might let their desktop application only be available via direct download from the official Ledger website. For users who only know that they download applications from the App Store and just believe that it is very safe --- of course they will believe that whatever application has a "Ledger"is the official one even though it is not. Poor him. That was quite an expensive lesson for him.
But if it is laundered through KuCoin, the hacker's identity should be known because they enforce KYC. Hopefully KuCoin can help him to freeze that Bitcoin.
I agree that danger of loss is high when looking for wallets in app stores and you are right in saying that companies such as Apple do not take any blame or money back on such losses. I would like to tell that even if using real websites, it is even more safe to check file digital mark as sometimes real websites are hacked.
I think most bad mistake is to type seed phrase into computer, since hardware wallets are made to keep that data offline.
In general you are correct to tell people to check everything and to keep in mind that such well known wallets as Electrum and Sparrow do not yet have real iOS apps and that any such kind they find in App Store is mean trick.
ryan_vaultFull Member
Posts: 35 · Reputation: 291
#15Jan 13, 2026, 05:12 PM
The rate at which wallet hacking and phishing are occurring is alarming. Most of the cases are a result of the victim's inability to do their research properly before attempting to make use of such an app. It does not cost anything to spend time doing research when the money involved is a huge one that should not be messed with.
If he had done his findings, he would have gotten the idea on how to go about it and would not have fallen for the trick, as he had said, maybe he would not even have attempted to use the fake wallet to store his assets. This is a lesson learnt the hard way and his savings are all gone. So sorry for him.
Half a million Dollars representing the RETIREMENT fund and he gets tricked into writing down the seed on an online computer, on a newly downloaded app that is not even legitimate but that he relied on due to the TRUST he had in Apple.
I am really sorry for him. But some things are just natural selection..
Mennn... This sucks! Looks more like a beginner mistake.
It seems it was his first time of using a hardware device. If he had used one before, he would have known that one does not need to enter the seed phrase on an app but on the hardware device itself, and this would have been avoided.
defi_whaleFull Member
Posts: 140 · Reputation: 461
#18Jan 14, 2026, 02:11 AM
It's interesting to see how non of this, as written, is fault of Bitcoin.. Additional security for funds, App store not allowing fake apps, and exchangers making things difficult for scammers would make future hack like that more difficult.
And if one of the Bitcoin principles such as trustlessness is considered, thorough verification would be done before such app is used or downloaded
This post makes me realize how I behave towards updating my CEX wallet whenever I try to log in and the notification come up to update the app.
I noticed how when I hit the update button, I keep being redirected to another page which is not the app store I downloaded it originally from. I normally instantly cancel the update so as not to fall victim to this kind of scenario.
Although my experience may not bear similarities to what was experienced here, it just goes to show how important it is to always verify the source of an update or download, mostly as it concerns crypto currency applications and systems that helps an investor keep and manage their coins on the network.
I do get such update notifications from time to time buh I try my best to ignore them. Most especially when it's from a wallet that's funded.
Most people ignore these simple mistakes which turns out to be huge risk. If I want an update for my wallet software, I go for their official site and not just clicking any pop up link saying there's a new update..
More than 60% of the sites we visit everyday are infested by malicious downloads. Some we don't take note of Because they go through the backdoor. It's better to be wise than sorry..
?Reply
Sign in to reply to this topic
Related topics
- Recovering a Bitcoin wallet and address 8
- CipherSeed: A Comprehensive Guide to Super-Secure Crypto Wallet Backups 5
- What derivation path does mm-gen wallet use? 3
- Looking for wallet software that supports custom P2SH redeem scripts? 19
- Simple Offline Wallet (key-pair) Setup on Linux Without GUI 0
- 2010 Wallet Delivery and Encryption Mystery 19