{"id":16812,"date":"2026-04-14T10:33:20","date_gmt":"2026-04-14T17:33:20","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=16812"},"modified":"2026-04-14T10:33:20","modified_gmt":"2026-04-14T17:33:20","slug":"musician-loses-420k-bitcoin-retirement-fund-via-fake-ledger-app","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2026\/04\/14\/musician-loses-420k-bitcoin-retirement-fund-via-fake-ledger-app\/","title":{"rendered":"Musician Loses $420k Bitcoin \u2018Retirement Fund\u2019 via Fake Ledger App"},"content":{"rendered":"\n

It’s crypto 101 that you use a secure and opensource hardware wallet for holdings of substance, where the private key is kept offline from a computer connected to the internet (USB connection to the computer can be alright if properly engineered, same for BT…). And you never input your seed phrase representing your private key into an internet connected computer vulnerable to exploits, e.g. Windows, macOS, Android, iOS, Linux, BSD… holding an amount you’re not willing to lose. And it doesn’t sound like a fault of Ledger in this circumstance, but their software is not opensource, so I wouldn’t use their hardware or software. Most of the more reputable hardware wallet companies with their own software will sign the application with a PGP key or give at least a checksum, and then securely self update afterwards. And grab it directly from them. And for Bitcoin, Sparrow wallet is a solid option you can compile from source code yourself. If you don’t know how to protect seed phrases, learn before you do self custody of anything significant. And with being your own bank, you have to keep up with security best practices and always learning. Consequently, there are wonderful hardware wallets today with secure elements to protect your secret key, where you can self-custody with confidence.<\/p>\n\n\n\n

https:\/\/cointelegraph.com\/news\/musician-loses-420k-bitcoin-retirement-fund-after-installing-fake-ledger-app<\/a><\/p>\n\n\n

<\/div><\/div><\/div>\n\n\n
Blockchain sleuth ZachXBT said Garrett Dutton\u2019s 5.9 Bitcoin has already been sent to deposit addresses associated with KuCoin.<\/h5>\n\n\n\n
\"Musician
News<\/figcaption><\/figure>\n\n\n\n

Update (April 14, 1:07 am UTC): This article has been updated to include a comment from Ledger chief technology officer Charles Guillemet.<\/p>\n\n\n\n

Garrett Dutton, an American musician better known as \u201cG. Love,\u201d said he lost $420,000 worth of Bitcoin after installing a malicious app impersonating the self-custody crypto app Ledger Live from Apple\u2019s App Store and entering his seed phrase.<\/p>\n\n\n\n

\u201cI had a really tough day,\u201d Dutton told<\/a> his 67,500 followers in a post on X on Saturday, adding that he lost his 5.9 Bitcoin, BTC $74,754<\/a>, stash \u201cin an instant\u201d after spending about 10 years accumulating the coins to secure his retirement.<\/p>\n\n\n\n

\"\"\/
Source: <\/em>Garrett Dutton<\/em><\/a><\/figcaption><\/figure>\n\n\n\n

In a follow-up post, crypto sleuth ZachXBT said<\/a> that Dutton\u2019s Bitcoin has been sent to deposit addresses linked to the crypto exchange KuCoin across nine transactions. KuCoin replied<\/a> to the post with a statement typically addressed to customers.<\/p>\n\n\n\n

The incident highlights a continued problem that bad actors have posed in the crypto industry. On Tuesday, the US Federal Bureau of Investigation reported that Americans lost over $11 billion <\/a>from crypto-related incidents in 2025, up from the $9 billion recorded the previous year.<\/p>\n\n\n\n

Ledger chief technology officer Charles Guillemet told Cointelegraph that Ledger never asks users for their 24-word seed phrase.<\/p>\n\n\n\n

\u201dIf anyone, or any app, is asking for your 24 words, assume something is wrong,\u201d Guillemet said. \u201cLedger consistently reminds the community about this. You cannot trust the software environment around you \u2014 not your browser, not your app store, not your desktop.\u201d<\/p>\n\n\n\n

Dutton said<\/a> he was tricked into sharing his seed phrase after downloading the malicious software on his new Apple MacBook Neo but didn\u2019t share which link he used.<\/p>\n\n\n\n

\u201cI been in the crypto circus since 2017. Today they caught me off guard. It was my own damn fault for not being more diligent. But let it serve as a warning. There’s so many scams,\u201d he added.<\/a><\/p>\n\n\n\n

Cointelegraph was unable to find the fake Ledger app on Apple’s App Store at the time of writing. Cointelegraph reached out to Apple for comment but did not receive an immediate response.<\/p>\n\n\n\n

Fake Ledger apps have appeared on Microsoft\u2019s store<\/h2>\n\n\n\n

Scammers have been adopting this fake Ledger app strategy since at least 2023.<\/p>\n\n\n\n

That year, almost $600,000 worth of Bitcoin was stolen<\/a> from several users who downloaded a fake Ledger Live<\/a> application from Microsoft\u2019s app store.<\/p>\n\n\n\n

Microsoft admitted that the malicious app had bypassed its review process and took it down shortly after.<\/p>\n","protected":false},"excerpt":{"rendered":"

It’s crypto 101 that you use a secure and opensource hardware wallet for holdings of substance, where the private key is kept offline from a computer connected to the internet (USB connection to the computer can be alright if properly engineered, same for BT…). And you never input your seed phrase representing your private key […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,7],"tags":[],"class_list":["post-16812","post","type-post","status-publish","format-standard","hentry","category-tech","category-world"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/16812","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=16812"}],"version-history":[{"count":1,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/16812\/revisions"}],"predecessor-version":[{"id":16813,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/16812\/revisions\/16813"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=16812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=16812"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=16812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}