MetaMask Issues Warnings to iCloud Users After $650K Phishing Attack

Share Article
In Brief
  • MetaMask has warned that Apple users are at risk of phishing attacks.

  • Falling victim to a phishing attack could mean a loss of funds.

  • Users are advised to protect themselves by disabling backups.

  • promo

    Gensokishi Online – Fantasy World Economy on the Metaverse Read now!

The Trust Project is an international consortium of news organizations building standards of transparency.

MetaMask has issued a warning to users of iPhone, Mac, and iPad devices of a phishing attack strategy after a user reported losing $650,000.

The threat particularly concerns devices that have automatic backups to iCloud, which is often a default setting.

Some users save their seed phrases on iCloud and run the risk of being compromised in the eventuality of an attacker discovering their password. 

“If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds,” reads the warning from MetaMask.

The warning also came with tips on how users can protect themselves from the threat. The easiest method is for users to disable iCloud backups by navigating to settings and making the necessary changes on the backups menu. 

Disable iCloud backups, advises MetaMask

In order to avoid getting caught by surprise, MetaMask recommends that backups should be turned off. 

A Twitter user with the handle “revive_dom” announced that his entire holdings had been stolen, including expensive NFTs and other assets. His losses amounted to around $650,000 according to security expert “Serpent.” The hacker accessed his seed phrase from iCloud.

According to the chronicle of events, revive_dom received text messages asking him to change his Apple ID password. A follow-up call from a spoofed Apple caller ID requested a one-time verification code to prove his ownership of the account. He complied and the scammers used the code to reset his password.

“The scammer will have access to the victim’s iCloud account, giving them free access to everything including all the data MetaMask stores on iCloud,” wrote Serpent. 

He went on to advise the use of cold wallets and to never give out verification codes. “Caller information is easy to spoof. Companies like Apple will never call you.”

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Wahid loves to write, especially about Crypto and Blockchain. He started his blogging journey in 2017 and turned to crypto in 2019. Wahid is interested in tech, chess and DeFi. He aims to promote decentralization to everyone on the planet.

Follow Author

Make your first deposit and trade now to earn up to $3,000 in rewards!      

Join

UUEX airdrop: Sign up to get 50 USDT, you can Withdraw to Wallet

Sign up

Poloniex Space Traveller Program: Sign up to get 30 USDT.

Get now