Philadelphia musician G. Love, whose real name is Garrett Dutton, has reportedly lost nearly 6 BTC after downloading a fake Ledger Wallet app, according to multiple reports circulating on April 12, 2026. The incident highlights persistent wallet impersonation risks on major app platforms.
What the report says happened to G. Love
According to unconfirmed reports, Dutton downloaded what appeared to be a legitimate Ledger application from Apple’s Mac App Store. The fake app allegedly enabled attackers to drain his Bitcoin holdings, which reportedly represented part of his retirement savings.
On-chain investigator ZachXBT stated he traced 5.92 BTC stolen from the victim, noting the funds were laundered through KuCoin deposit addresses.
One of the cited transaction hashes, 6f5c8eb6…59bcf1f, was confirmed on Bitcoin mainnet on April 11, 2026. That specific transaction carried an output value of 0.41396662 BTC, consistent with funds being split across multiple laundering paths.
Hi I traced out your 5.92 BTC stolen and it was all laundered via @kucoincom deposit addresses in the following transactions:
6f5c8eb6b01774626f33527e0cb03c0d1860447acacd6079e69bf41b459bcf1f
9ee1288f941b2c3775ebd125eefeebdc713aa160bf2cf9d18661fd07f84ce891…— ZachXBT (@zachxbt) April 12, 2026
Source: @zachxbt on X
At Bitcoin’s current trading price of $71,165, the traced 5.92 BTC loss would be worth approximately $421,000.
ON-CHAIN DATA
- Transaction hash: 6f5c8eb6…59bcf1f
- Output value: 0.41396662 BTC
- Block: #944,624 (April 11, 2026, 18:26 UTC)
- Trail: Laundered via KuCoin deposit addresses per ZachXBT
How the fake Ledger Wallet app reportedly enabled the theft
The attack vector was not a flaw in Bitcoin or in genuine Ledger hardware. Instead, a counterfeit application mimicking Ledger’s branding was reportedly distributed through Apple’s Mac App Store, exploiting the trust users place in curated platforms.
Ledger’s own security documentation explicitly warns that official app stores can contain fake and malicious wallet apps designed to steal crypto and extract private keys or seed phrases. The company advises users to download wallet software only from its official website.
The likely mechanism involves tricking users into entering their seed phrase on an internet-connected device. Security researcher Beau issued a public warning directly relevant to this type of scam.
This scam tactic tricks more people than it should
You will NEVER need to enter your hardware wallet seedphrase on an internet connected device (laptop, phone, smart fridge etc)
If you’re restoring a wallet, always do so by entering your seedphrase on a hardware wallet device… https://t.co/IYUV36Pnfa
— Beau (@beausecurity) April 11, 2026
Source: @beausecurity on X
No direct statement from Apple confirming the app’s removal has been located. The status of the fake listing remains unconfirmed.
Why this case matters for Bitcoin users
This incident arrives during a period of heightened market anxiety. The Fear and Greed Index sat at 16, classified as Extreme Fear, at the time of research. Bitcoin itself had declined roughly 3.2% in the prior 24 hours, part of a broader pullback that has driven the crypto market lower this week.
Wallet impersonation scams are not new, but the involvement of a recognizable public figure draws wider attention to a persistent self-custody risk. Similar impersonation tactics have recently targeted crypto executives, suggesting the technique remains profitable for attackers across different platforms.
For Bitcoin holders managing their own keys, the core takeaway is verification. Ledger’s official guidance, Beau’s warning, and the facts of this case all point to the same rule: a hardware wallet seed phrase should never be entered on any internet-connected device. Wallet software should be sourced exclusively from the manufacturer’s verified website, not from third-party app stores, regardless of how legitimate the listing appears.
No direct statement from the victim has been independently located. A direct, fetchable victim statement from G. Love or Garrett Dutton was not available at the time of publication, so victim attribution still relies on secondary reporting. Readers holding significant BTC, including those tracking corporate Bitcoin treasury movements, should treat this case as a reminder that custodial security begins at the point of software download.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.