Garrett Dutton, known as G. Love, lost approximately $420,000 in Bitcoin after entering his seed phrase into a counterfeit app downloaded from the App Store.
Garrett Dutton, American singer and musician known as G. Love, frontman of the hip-hop blues band G. Love & Special Sauce, lost 5.9 BTC – equivalent to approximately $420,000 – due to a malicious application impersonating the official Ledger app. The incident was made public on Saturday, April 12, 2026, through a post on X, in which Dutton recounted downloading the counterfeit app from the App Store onto his new computer and entering his seed phrase, instantly losing all of his Bitcoin.
Onchain investigator ZachXBT reported that the attacker laundered the stolen Bitcoin through KuCoin deposit addresses, distributing the funds across nine separate transactions.
The case fits into a well-established pattern of attacks targeting Ledger users. Scammers have over time adopted various tactics: phishing emails, physical letters sent to Ledger customers requesting seed phrases, and now fake apps uploaded to official stores. Ledger itself has publicly warned that official app stores can host fake and malicious applications “designed exclusively to steal your cryptocurrencies”, recommending downloading its wallet app exclusively from the official website.
According to the FBI‘s annual report, losses from crypto crime reached a record $11.36 billion in 2025. The Internet Crime Complaint Center received 181,565 cryptocurrency-related complaints in the past year, marking a 21% increase compared to 2024. The average reported loss was $62,604 per victim, while 18,589 victims reported losses exceeding $100,000 each in cryptocurrency-related schemes.
The fundamental recommendation for hardware wallet users remains to never enter their seed phrase into any software application, regardless of its apparent origin, and to rely exclusively on the manufacturer’s official channels. For further reading on security threats in the crypto sector, see our article on fake CAPTCHAs that install malware to steal cryptocurrencies.
