Sign up for the Today newsletter
Get everything you need to know to start your day, delivered right to your inbox every morning.
Musician G. Love lost $430,000 in a crypto scam. Here’s his warning.
The G. Love & Special Sauce frontman and Cape Cod resident says he entered his seed phrase into what looked like a Ledger wallet app — but it was a fake.
Garrett Dutton was having a good day.
He was performing at a festival in Fort Lauderdale on April 10. Dutton — better known as G. Love, the frontman of G. Love & Special Sauce and Cape Cod resident — had just finished a show and squeezed in a workout at his hotel.
Back in his room with some quiet time, he figured he’d use the downtime productively: he’d recently bought a new Mac and figured he’d set up his crypto dashboard.
Within minutes, nearly a decade of crypto holdings — 5.924 BTC and half an Ethereum, worth approximately $430,000 — vanished after what turned out to be a fake Ledger wallet app scam involving a stolen seed phrase.
Advertisement:
“In a blink of an eye,” Dutton said, “10 years worth of savings was just kind of wiped away.”
How the fake Ledger app crypto scam worked
The trouble began when he came home from tour to find his computer broken. With young kids at home, he wasn’t sure what had happened. He replaced it with a new Mac, and started reinstalling his crypto tools.
The Ledger app he’d he’d previously used wasn’t there. So he did what many users do: he searched the Apple App Store and downloaded what looked like the Ledger Wallet app.
“I didn’t really think about it,” he said.
He’d already successfully set up a separate crypto account, called MetaMask, that same day. He was on a roll. Then came the critical step.
Advertisement:
The app prompted him to enter his seed phrase — the 12- or 24-word recovery code that functions as the master key to a crypto wallet. He typed it in.
“The minute I did that,” he said, “everything’s gone.”
At first, he didn’t fully understand what was happening. Then he watched the balance drain in real time. His Bitcoin disappeared first. The Ethereum followed moments later.
“I called my wife, and we were just both very emotionally distraught,” he said. “But she was very supportive.”
Ledger did not respond to requests for comment.
‘Malicious locksmiths’ and rising crypto scams
What Dutton had downloaded wasn’t the real Ledger app. It was a malicious copycat designed to capture seed phrases and drain wallets.
Christian Catalini, founder of the MIT Cryptoeconomics Lab, says this type of attack is increasingly common — and more sophisticated than ever.
“These actors create apps that often have a slight variation in the title,” Catalini explained. “They may look legitimate, they may even have some fake reviews. And as you can imagine, with AI, you can create a bunch of fake reviews, and you can pass a lot of the checks and balances that some of these app stores have created over time.”
He likened the tactic to “a malicious locksmith — someone that pretends to help you with your keys, but really is in charge of stealing them.”
Advertisement:
Some scammers submit a legitimate app first, accumulate good reviews, then quietly re-upload malicious versions. Others flood app stores with variations, hoping one gets through.
“It’s a law of large numbers,” he said. “All they need is one instance where the App Store review fails or misses something, and they get their app in.”
Both Apple’s App Store and Google Play rely on verification systems like DUNS numbers to confirm developers. But Catalini said those protections have eroded.
“A lot of these systems we’ve been relying on have lost its value,” he said
Dutton believes the scam is an “Apple issue” more so than an oversight on his part.
“I made a mistake, but again, it was because there was a trust factor with me believing in that company,” he said. “Even on the App Store, it’s a wild west.”
Apple did not respond to requests for comment.
Can stolen crypto be recovered?
After the theft, Dutton tracked what he could on the blockchain — which, unlike traditional banking, makes every transaction publicly visible. He said his assets were moved through multiple wallets, before landing in KuCoin wallet, a Seychelles-based cryptocurrency exchange.
He filed a report with the FBI’s Internet Crime Complaint Center (IC3), contacted local police, and tried reaching the FBI’s Boston office. KuCoin told him on social media it had frozen the wallet for seven days, but he doubts it made a difference.
Dear Sir,
— KuCoin (@kucoincom) April 14, 2026
First of all, thank you very much for telling us about the possible illegal activity and providing us with detailed information. Since we have not received a reply from you, we have proactively taken measures to protect user assets. We have taken temporary restraining…
“Those funds probably went into that wallet and were already dispersed,” he said.
Advertisement:
Catalini said tracing stolen crypto is possible — and an entire industry of blockchain analytics firms now do it. But recovery is another matter, and the sophistication of the attacks often involves deliberately obscuring trails.
“What bad actors do, they rapidly shuffle them through many hoops,” he said, making them difficult to retrieve.
A warning about seed phrases
Dutton had been saving the Bitcoin for long-term goals.
“For retirement, for your kids,” he said. “Just saving for the future.”
The seed phrase is effectively the key to a crypto wallet, and anyone who has it can immediately access funds. Legitimate apps should never prompt existing users to re-enter their seed phrase during setup.
Dutton’s advice to others is simple: never, under any circumstances, enter your seed phrase anywhere you’re not certain is legitimate.
“The Holy Grail is that you can never enter your seed phrase,” he said. “You can’t trust anybody. You can’t trust Apple. There’s no gatekeepers.”
Catalini echoed the warning and said many users may be safer using a reputable, regulated intermediary — a public company with a track record of security certifications — rather than trying to be your own bank.
He also urged users to scrutinize app publishers.
“If you click on a publisher and you realize they have 10 different apps that have nothing to do with each other, that’s definitely a red flag,” he said.
Moving forward
Dutton isn’t walking away from crypto. He still sees it as a financial equalizer for people without access to IPOs or traditional investment vehicles.
Advertisement:
But the loss is significant and recovery is unlikely.
“That’s a huge loss for our family,” he said. “My goal is to keep pushing forward. I have so much to be thankful for. I’ve got a great career.”
This year, his band is celebrating more than 30 years together and the 20th anniversary of “Lemonade,” one of their biggest records.
“Music is my life, and this is my side hustle,” he said. “The wings got clipped, but I’m gonna keep my head up and try to help anybody that I can to not make the same mistake.”
Be civil. Be kind.
Read our full community guidelines.To comment, please create a screen name in your profile
To comment, please verify your email address