Philadelphia Musician G. Love Loses Nearly 6 BTC to Fake Ledger Wallet App on Apple’s App Store

April 12, 2026

G. Love Falls Victim to Bitcoin Hack

Key Points:

Musician G. Love lost 5.92 BTC, equivalent to $424,175, after downloading a fraudulent Ledger app from the Apple Mac App Store on April 11, 2026.
On-chain investigator ZachXBT found that the stolen Bitcoin was laundered through deposits on Kucoin.
Ledger has cautioned users to only download their software from ledger.com to avoid the risk of seed phrase theft.

The Incident

Garrett Dutton, better known as G. Love from G. Love & Special Sauce, shared on social media that he was setting up his new Ledger hardware wallet on an Apple computer when he mistakenly downloaded what he thought was the official Ledger Live application. It turned out to be a fake.

This counterfeit app prompted him to input a 24-word seed phrase—also known as a recovery phrase. After entering it, his wallet was compromised, and the attackers gained immediate access to his Bitcoin.

“Today was really tough. I lost my retirement money to a hack when I switched my Ledger to a new computer,” Dutton told his followers. In an effort to bounce back, he even asked for donations to help with his “reactivation.”

Later, he clarified that he was the only one affected, indicating no other assets were involved.

ZachXBT quickly traced the stolen funds. He confirmed that about 5.92 BTC had been taken and subsequently laundered through multiple transactions to Kucoin. Details of these transactions will be made public on various platforms.

Public Response

Reactions on social media were mixed. Some users expressed sympathy, while others raised doubts about the authenticity of the situation, pointing out that legitimate Ledger hardware wallets typically require physical verification. Some noted that asking for donations felt like a red flag. Dutton explained that he had been socially engineered into entering his seed phrase, which was the main method of the attack.

“No problem,” Dutton wrote in response to the criticisms. “It’s tough being scammed. It’s frustrating when people call you a liar. I’ve faced challenges like this throughout my life. I launched into cryptocurrency in 2017, and I wasn’t as cautious today as I should have been. Let this be a warning—there are numerous scams out there.”

Pattern of Attacks

This incident reflects a troubling trend targeting macOS users. In 2025, cybersecurity firm Moonrock reported malware that aimed to replace genuine Ledger Live installations on macOS, urging users to enter their seed phrase. Searching for “Ledger” in the App Store returns fake apps from third-party sellers instead of the actual developer, Ledger SAS.

For years, Ledger has insisted that its software should only be downloaded from ledger.com. They do not have a presence in consumer app stores, so any application listed under a different developer name should be considered a scam.

The method of the attack is straightforward: users look for the app in the store, find something that seems legitimate, install it, and then enter their seed phrase when prompted. This gives attackers complete access to wallets associated with that seed phrase, bypassing any protection the hardware wallet offers.

Self-storage of cryptocurrency requires that your seed phrase remains on the physical Ledger device and should only be entered directly on that device during initial setup. Entering it into any app or website exposes your entire wallet to risk.

As of April 12, 2026, major news outlets had not yet picked up the story, with Bitcoin.com News being the first to report the incident. G. Love mentioned that he plans to move on, expressing gratitude for his health, family, and his music career—including a recent performance at Tortuga Fest.

No legal action has been announced at this time.