US musician Garret Dutton (G.Love) has claimed that he lost $420,000 (roughly Rs. 3.9 crore) worth of Bitcoin after he tried installing the self-custody crypto app called Ledger Live from the App Store. This app turned out to be malicious, as he had entered his seed phrase, which led to him losing 5.9 BTC instantly. Dutton also mentioned in his post on X that he was accumulating these Bitcoins to secure his retirement.
Update (10:30am, April 14): This article has been updated with a statement from Ledger CTO Charles Guillemet.
Bitcoin Allegedly Laundered via KuCoin Addresses Across Nine Transactions
A blockchain sleuth, who goes by the name ZachXBT, replied to Gutton’s post and said that he had traced his 5.9 BTC, and it was all laundered via KuCoin addresses, across nine transactions. ZachXBT also replied to one of the users, saying that “KuCoin has an ongoing problem with such illicit services abusing broker/personal accounts, which compliance does nothing to regulate.”
Hi I traced out your 5.92 BTC stolen and it was all laundered via @kucoincom deposit addresses in the following transactions:
6f5c8eb6b01774626f33527e0cb03c0d1860447acacd6079e69bf41b459bcf1f
9ee1288f941b2c3775ebd125eefeebdc713aa160bf2cf9d18661fd07f84ce891…— ZachXBT (@zachxbt) April 12, 2026
This is not the first time a fake Ledger App case has surfaced online. In 2023, ZachXBT posted about another similar case where a malicious application was present on Microsoft’s app store, which led to a scam of approximately 16.8 BTC worth $588,000 (roughly Rs. 5.4 crore) at the time.
On-chain analysts spotted this in time as the users were tricked into thinking that they were accessing Ledger Live Web3, instead of Ledger Live, which is a user interface for Ledger hardware wallets to store cryptocurrency offline.
Data by DeFiLlama shows that crypto hacks and losses have recorded a total of 453 million (roughly Rs. 3,770 crore) in the first quarter of 2026, showing that the frequency of malicious crypto activities continues to be a threat in this landscape, and the case of Garret Dutton is just a reminder that on-chain security, better regulations for DeFi protocols and crypto education are key factors in curbing this problem.
In a statement provided to Gadgets 360, Ledger CTO Charles Guillemet said, “Ledger will never ask for your 24 words. If anyone, or any app, is asking for your 24 words, assume something is wrong. Ledger consistently reminds the community about this. You cannot trust the software environment around you – not your browser, not your app store, not your desktop. Attackers operate wherever the opportunity exists, and that includes official distribution platforms. The only protection that holds is keeping your private keys on a dedicated hardware device with a secure screen, like a Ledger signer, and never entering your seed phrase into any app or website. Your 24 words are your wallet.”
This case also highlights the importance of a stronger platform oversight and user awareness, as even experienced investors can fall prey to such notorious bad actors in this complex crypto landscape.
Cryptocurrency is an unregulated digital currency, not a legal tender and subject to market risks. The information provided in the article is not intended to be and does not constitute financial advice, trading advice or any other advice or recommendation of any sort offered or endorsed by NDTV. NDTV shall not be responsible for any loss arising from any investment based on any perceived recommendation, forecast or any other information contained in the article.
