G. Love Loses Nearly $424,000 to Fake Ledger App
Musician Garrett “G. Love” Dutton lost about 5.92 BTC (≈$424,000) after downloading a fake Ledger app from Apple’s Mac App Store and entering his 24-word recovery phrase.
Musician Garrett Dutton, known as G. Love, lost about 5.92 BTC, roughly $424,000, after downloading a counterfeit Ledger application from Apple’s Mac App Store while moving his hardware wallet setup to a new Apple computer. The funds were part of his retirement savings and were drained immediately after he provided the 24-word recovery phrase.
In an April 11 post on X, Dutton described searching the App Store for Ledger Live, downloading an app that appeared authentic, and following prompts that led to a request for his seed phrase. He wrote: “I lost 5.9 BTC all I had for ten years I worked on this f#ck be careful out there.”
An on-chain investigator using the handle ZachXBT traced the stolen 5.92 BTC and reported that the coins were moved through addresses identified as deposit addresses for the crypto exchange KuCoin. The investigator published transaction details showing the flow of funds and indicated he did not expect the coins to be recovered via the exchange.
ZachXBT pointed to KuCoin’s loss of a MiCA license in February 2026, three months after it had been granted, in discussing the exchange’s regulatory record. The investigator noted the stolen coins were routed through many deposit addresses, a pattern that can suggest use of an instant exchange to move funds quickly.
Security professionals highlighted the risk of entering a hardware wallet recovery phrase on an internet-connected device. Beau, head of security at Pudgy Penguins, warned against entering seed phrases on laptops or phones and described methods scammers use to distribute fake wallet software, including email, deceptive advertisements, and unsolicited physical mail.
Experts advise verifying wallet software directly from official vendor websites before downloading and keeping recovery phrases offline. Hardware wallets are designed so the seed phrase should remain off-line; entering it into a downloaded app transfers control of the funds to whoever controls that app. Dutton’s loss prompted renewed reminders from security practitioners to keep seed phrases private and confirm software sources before use.
Content on BlockPort is provided for informational purposes only and does not constitute financial guidance.
We strive to ensure the accuracy and relevance of the information we share, but we do not guarantee that all content is complete, error-free, or up to date. BlockPort disclaims any liability for losses, mistakes, or actions taken based on the material found on this site.
Always conduct your own research before making financial decisions and consider consulting with a licensed advisor.
For further details, please review our Terms of Use, Privacy Policy, and Disclaimer.
Articles by this author
