Your life savings could be gone in one click: How a fake crypto app bypassed Apple's security

A malicious clone of the Ledger Live app, disguised as the official version, was available on Apple's App Store and has been linked to the theft of at least $9.5 million in cryptocurrency. The phishing campaign, active from April 7 to April 13, targeted dozens of victims across multiple blockchains including Bitcoin, Ethereum, Tron, Solana, and XRP. Some victims reported losing their entire life savings, with one user losing 5.9 BTC, accumulated over a decade. Stolen funds were laundered through over 150 KuCoin deposit addresses and a mixing service called 'AudiA6'. Apple has since removed the fake app, but questions remain about how it bypassed security checks. This incident highlights the ongoing threat of social engineering and phishing in the crypto industry, with an estimated $17 billion lost to hacks and scams in 2025.

(Source：CoinDesk)