MetaMask, a crypto wallet provider owned by ConsenSys, has issued a warning to the community about Apple iCloud phishing attacks.
The security issue for iPhone, Mac, and iPad users is caused by default device settings that store a user’s seed phrase or “password-encrypted MetaMask vault” on the iCloud if the user has enabled automatic backups for their application data.
MetaMask noted in a Monday Twitter thread that users risk losing their funds if their Apple password isn’t strong enough and an attacker is able to phish their account credentials.
Users can resolve the issue by disabling automatic iCloud backups for MetaMask, as detailed below:
The MetaMask warning came in response to reports from an NFT collector known on Twitter as “revive dom,” who stated on Friday that their entire wallet containing $650,000 in digital assets and nonfungible tokens (NFTs) was wiped due to this specific security issue.
DAPE NFT project founder “Serpent” — who also helped gain the attention of MetaMask by posting sharing the story with their 277,000 followers — gave a rundown of what happened to the victim in a separate thread earlier today.
They reported that the victim received multiple text messages asking him to reset his Apple ID password, as well as a phony call from Apple that turned out to be a spoofed caller ID.
Because they were apparently unaware of the caller, “revive_dom” provided a six-digit verification code to prove ownership of the Apple account. The scammers then hung up and gained access to his MetaMask account through data stored on iCloud.
While the majority of the community was supportive, others were quick to point out the importance of using cold storage and conducting extensive due diligence when storing assets in a hot wallet.