- MetaMask has issued a warning regarding iCloud phishing attacks, saying, In case iCloud backups are enabled, their seed phrase is being kept online.
- MetaMask posted a thread on Twitter, where it noted that folks are going through a threatening path where they can lose their funds.
- This warning from MetaMask came as a response to an NFT collector on Twitter who asserted a loss of $650,000 worth of digital assets due to a security issue.
Phishing Alert !!
MetaMask, a wallet provider owned by ConsenSys, has issued a warning to the community about Apple iCloud phishing attacks.
Security concern for iPad, iPhone, and Mac users is associated with default settings on devices that see a folk’s seed phrase stored in iCloud if they have allowed accessibility to automatic backups for their application data.
As per a Twitter thread posted by MetaMask, users are running on a threatening route where their funds can get lost in case of a “weak” Apple password where a hacker is able to phish their account credentials.
Why Was This Warning Issued?
The warning from MetaMask was a response to an NFT collector dubbed “revive_dom” on Twitter, who stated that their whole wallet got wiped out through a particular security issue. It reportedly was containing $650,000 worth of virtual assets.
In another thread, “Serpent,” DAPE NFT project founder – who also assisted in gaining traction of MetaMask through posting story with their 277,000 followers — offered a rundown of what had occurred to a victim.
They highlighted that victim got multiple text messages requesting to reset his Apple ID password alongside a supposed call from Apple which was eventually a spoofed caller ID.
As they were purportedly unsuspecting of a caller, “revive_dom” handed over a 6 digit verification code to prove that they were the possessors of the Apple account. The fraudsters subsequently hung up and got accessibility to the MetaMask wallet through data kept in iCloud.
After MetaMask issued a warning, “revive_dom” showed his frustrations with the organization, highlighting that they are not saying that they should not do it but they can tell them. Don’t say that folks cannot store their seed phrase and then do it behind their backs. Only if 90% of the folks knew this, they wouldn’t enable iCloud.
While the majority of community members were supportive, others were swift to emphasize the significance of utilizing cold storage and doing a lot of due diligence when keeping assets in a hot wallet.
ALSO READ: Exploit in DeFi Governance protocol at Beanstalk Farms resulted in $182mn loss
Source: https://www.thecoinrepublic.com/2022/04/18/metamask-alerts-to-be-aware-of-icloud-phishing-hacks/