Fake Ledger Live App on Apple's App Store Pilfers $9.5 Million in Crypto
A sophisticated scam involving a malicious **Ledger Live** application on the **Apple App Store** has resulted in the theft of approximately $9.5 million in cryptocurrency. The fraudulent app, targeting macOS users, tricked victims into divulging their seed/recovery phrases, granting attackers complete access to their digital wallets.

### A Costly Mistake
Users who inadvertently downloaded the fake **Ledger** app were deceived into entering their seed/recovery phrases, effectively handing over control of their wallets. Attackers were then able to transfer digital assets to external addresses under their control.
According to blockchain investigator **ZachXBT**, the attackers utilized [several wallet addresses](https://chainabuse.com/report/d64b1096-1699-40f6-af9a-85158c2e4ad0) to receive funds across multiple blockchains, including **Bitcoin**, **Ethereum**, **Tron**, **Solana**, and **Ripple**.
### Money Laundering Tactics
The stolen funds were subsequently laundered through over 150 deposit addresses on **KuCoin**, linked to a centralized mixing service known as "AudiA6," which specializes in crypto laundering in exchange for substantial fees.

**ZachXBT** tracked individual losses ranging from $1.95 million to $3.23 million between April 8 and April 11.
Musician G. Love reported a loss of 5.9 BTC (approximately $430,000) after downloading the compromised app. This loss was verified by **ZachXBT**.
### App Store Infiltration
According to a [Reddit discussion](https://www.reddit.com/r/ledgerwallet/comments/1skbing/warning_fake_mac_app/), the counterfeit app was submitted to the **Apple App Store** under the publisher name "Leva Heal Limited," an entity unaffiliated with the legitimate **Ledger** development team.
The malicious actor also fabricated a version history, releasing frequent updates (from version 1.0 to 5.0 in two weeks) to appear legitimate.

### Apple's Response and KuCoin's Involvement
Following numerous user reports, **Apple** has removed the fraudulent app from the **App Store**. BleepingComputer has reached out to **Apple** for comment, but has not received a response.
**KuCoin**, which has faced scrutiny for [alleged anti-money laundering (AML) violations](https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-charged-with-aml-violations-that-let-cybercriminals-launder-billions/) and [paid substantial penalties in the U.S.](https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-to-pay-nearly-300-million-in-penalties-after-guilty-plea/), announced its involvement in freezing assets related to the scheme, but noted the freeze would only last until April 20 unless extended by law enforcement.
### Ledger's Official Stance
It is crucial to note that **Ledger** [offers a Mac app](https://support.ledger.com/article/4404389606417-zd) on its website, but *not* in the **Apple App Store**, where only an iOS-compatible version [is available](https://apps.apple.com/us/app/ledger-wallet-crypto-app/id1361671700).
Threat actors have previously exploited this gap, even targeting the **Microsoft Store** in 2023, [stealing $768,000](https://www.bleepingcomputer.com/news/security/fake-ledger-live-app-in-microsoft-store-steals-768-000-in-crypto/) worth of cryptocurrency via a fake **Ledger Live** app.