Trusted

SlowMist Executive Discovers Crypto Phishing Involving 2FA on Apple Devices

2 mins
Updated by Kyle Baird
Join our Trading Community on Telegram

In Brief

  • SlowMist researcher warns of a new phishing attack on Apple devices targeting crypto holders, stealing accounts and passwords.
  • Cybersecurity firm Kaspersky discovered vulnerabilities in iOS and macOS platforms, potentially leading to loss of crypto assets.
  • MetaMask warned of iCloud backup vulnerability, stressing the need for strong password settings to prevent potential loss of funds.
  • promo

There is a new kind of crypto phishing attack related to 2FA on Apple devices, according to a SlowMist security researcher. Once attacked, the perpetrator could gain access to wallet info on iCloud.

A SlowMist security researcher posted information about a new kind of attack concerning crypto holders on Apple devices. The researcher said that a malicious phishing program was on the Apple App Store.

SlowMist Exec Talks About Crypto Phishing on Apple Devices

The executive stated that this was the latest kind of attack on Apple IDs, with the malicious phishing program stealing users’ accounts and passwords. It does so by imitating normal applications. The attacker then “adds their own number to the trusted number of two-factor authentication to control account permissions.”

This is especially important for cryptocurrency users because oftentimes, they will back up their wallets on iCloud. If attacked, they stand the chance to lose assets if their 2FA is compromised.

Others in online forums have also talked about how they are being phished despite 2FA. It’s clear that this is a new kind of phishing attack, which has become popular as a means to steal funds.

Phishing is one of the many crypto scams that are dangerous for the crypto community. Check out our guide on crypto security to learn more about such vulnerabilities in the space: Top 5 Flaws in Crypto Security and How To Avoid Them

Cybersecurity company Kaspersky had also discovered that there were vulnerabilities in the iOS and macOS platforms, which could result in the loss of crypto assets. Specifically, the security flaws would allow attackers to gain access to user details and root privileges.

SlowMist later confirmed that these vulnerabilities were present in both operating systems. Both SlowMist and Kaspersky asked users to update their iOS and macOS devices.

The warning comes not long after Kaspersky revealed that crypto phishing attacks increased by 40% year-over-year between 2022 and 2021.

MetaMask Also Warned of iCloud Backup Vulnerability

Furthermore, in addition to SlowMist’s crypto phishing warning, MetaMask also pointed out the vulnerabilities in iCloud backups in the past.

The wallet provider warned Apple users in April 2023 that automatic iCloud backups of their MetaMask wallet data would have their seed phrases stored online.

The warning told users who had not changed their default device settings that they would be subject to potentially losing their funds if they didn’t take necessary security precautions.

Such precautions include setting a strong password. One NFT collector experienced this very kind of attack, losing about $650,000 worth of NFTs in April.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Rahul-Nambiampurath.jpg
Rahul Nambiampurath
Rahul Nambiampurath's cryptocurrency journey first began in 2014 when he stumbled upon Satoshi's Bitcoin whitepaper. With a bachelor's degree in Commerce and an MBA in Finance from Sikkim Manipal University, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has helped DeFi platforms like Balancer and Sidus Heroes — a web3 metaverse — as well as CEXs like Bitso (Mexico's biggest) and Overbit to reach new heights with his...
READ FULL BIO
Sponsored
Sponsored