Overview
- Ledger Live impostor on the Mac App Store, which ran April 7–13, stole about $9.5 million from more than 50 users by posing as a crypto wallet.
- The thieves funneled the money through over 150 crypto addresses and mixing services to hide its trail, according to blockchain analyses reported by CoinDesk.
- The fake wallet prompted people to enter their seed phrase, which is a recovery key, even though legitimate wallets never ask for it and Ledger distributes its real app only on its website.
- Apple also pulled Freecash after TechCrunch flagged that it harvested highly sensitive data from millions of users and appeared to return to the store by rebranding from Reward, a tactic Apple said violated rules 3.1.2(a) and 2.3.1.
- Investigators and security firms including ZachXBT, Malwarebytes, CoinDesk and TechCrunch documented the schemes, and users are being urged to delete the apps, review permissions, and move any remaining crypto to new wallets.