Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

MetaMask alerts Apple users about iCloud phishing attacks

MetaMask alerts Apple users about iCloud phishing attacks

According to the firm, if an Apple user has enabled automatic iCloud backups of their MetaMask wallet data, their seed phrase is preserved online.

MetaMask, a ConsenSys-owned cryptocurrency wallet business, has issued a warning to the public concerning Apple iCloud phishing attacks.

The issue affects users of iPhone, Mac, and iPad devices since default device settings store a user’s seed phrase or “password-encrypted MetaMask vault” to iCloud if the user has enabled automatic backups of their app data.

According to a Twitter thread started on April 18 by MetaMask, users risk losing their assets if their Apple password is “not strong enough” and an attacker is able to phish their account details.

Users may resolve the issue by stopping MetaMask’s automatic iCloud backups as follows:

MetaMask alerts Apple users about iCloud phishing attacks

The MetaMask warning was issued in response to accusations made on April 15 by an NFT collector identified on Twitter as “revive dom” that this specific security flaw had wiped their whole wallet, which included $650,000 in digital currencies and NFTs.

The author of the DAPE NFT project, “Serpent” – who also helped get MetaMask’s attention by sharing the story with their 277,000 followers – earlier today provided a recap of the victim’s ordeal in a separate thread.

According to them, the victim received multiple text messages asking him to reset his Apple ID password, as well as a false call from Apple with a forged caller ID.

“revive dom” provided a six-digit verification code to confirm their ownership of the Apple account, despite their apparent ignorance of the caller. The fraudsters then hung up and gained access to his MetaMask account by using data from his iCloud account.

“revive dom” expressed his dissatisfaction with MetaMask after today’s warning, stating that:

“I’m not saying they shouldn’t do it but they should tell us. Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90% of the people knew this I would bet none of them would have the app or iCloud on.”

While the majority of the community was supportive, several stressed the need of cold storage and doing comprehensive due diligence prior to placing assets in a hot wallet.

About Humano

He is a freelance writer based in Turkey. He loves NFTs, football, film and technology.

Latest NFT News, Trendings and Tutorials, right in your inbox, every Monday

IMPORTANT DISCLAIMER: All content provided here in our website, hyperlinked sites, social media accounts and other platforms are for your general information only, procured from third party sources. We make no warranties of any kind in relation to our content. No part of the content that we provide constitutes financial advice, legal advice or any other form of advice meant for your specific reliance for any purpose. Any use or reliance on our content is solely at your own risk and discretion. You should conduct your own research, review, analyse and verify our content before relying on them.

Recommended Posts

Leave a Reply

Your email address will not be published. Required fields are marked *