17.04.2026
4 min
201
A fraudulent app masquerading as the official Ledger Live was discovered in the Apple App Store, allowing attackers to steal approximately $9.5 million in cryptocurrency. More than 50 users were affected between April 7 and 13, 2026.
Apple has deleted a fake app from its App Store. The fake app resembled the real Ledger Live, but damaged users significantly by stealing nearly $10 Million in cryptocurrencies from approximately fifty victims over four days (April 7-13, 2026).
It appears as though the fake app was quite convincing. It was listed as Ledger Live and was created by two companies: SAS Software Company and Leva Heal Limited. Until each victim was prompted to input his/her seed phrase, no other warning signs existed. At that time, the thief(s) gained total access to all crypto wallets. After gaining such access, the thieves moved the funds to their own address. No additional confirmation was required.
Because of this incident, Apple has immediately removed this fake app from its App Store, however; significant questions have been posed. First among them is how did the fake app become verified and entered into the official App Store?
More than just one issue of this type has plagued Apple recently. Previously, Apple also removed the Freecash app. It was heavily marketed as a quick and simple method of earning money by viewing videos on TikTok.
However, instead of receiving income, users were collecting information that could be used to identify them personally. Upon installing the app, users were asked for the following sensitive data:
race/religious views
sexual orientation/personal life
health-related information
biometric information
None of these expected features were available upon completion of the install process. Each user was simply forwarded to a page of mobile gaming apps with reward points based on completing certain gaming tasks.
Although the Freecash app has been removed from the App Store, it continues to exist within the Google Play Store. As such, continued risk exists for users.
This situation demonstrates again that official app stores are no insurance against potential security threats. Fake apps can appear to be legitimate-looking, but fraudsters continue to utilize the most reliable method of attack: trusting in the honesty of the end-user.
