By Shelly Melancon (Switzerland)
The crypto wallet service provider, MetaMask, has raised alarms over what it perceives as a well-planned phishing attack targeting users of Apple tech products.
The company sent out warnings to its community after observing some likely security system breaches on Apple products triggered when an Apple user activates an automatic iCloud backup of the MetaMask wallet. Their data and other personal details are stored online.
A cursory look into the issue reveals that there is a potential security system defect for iPhone, Mac, and iPad devices, which are all linked to default settings that enable a user’s password for the encrypted MetaMask vault stored on iCloud, especially when an automatic backup of app data is enabled.
On April 18, MetaMask posted a statement on its Twitter thread emphasizing that many users are at risk of losing their assets if their passwords are not strong enough to keep hackers at arm’s length. Additionally, attackers could be able to infiltrate the Apple iCloud and fish out users’ logging details with ease.
Therefore, the best way to prevent this from happening, as stated by MetaMask, is for users to deactivate or disable the automatic iCloud backup for MetaMask on their Apple devices.
NFT Collector Shares Phishing Attempts
The phishing warning from MetaMask is spurred by a report from an NFT collector using the alias on Twitter, “revive _ dom,” who revealed on April 25 the entire content of his wallet, which has $650,000 worth of digital collections, was emptied via phishing.
Also read:In another post, the DAPE NFT project also attracted the attention of the MetaMask team after it shared with its followers on Twitter what transpired to a victim of phishing.
According to them, multiple text messages were sent to the victim requesting a reset of his Apple password alongside picking up a call that was falsely purported to be from Apple, which turned out to be a spoof caller ID intended to get more information from him.
Unsuspecting the attacker’s motive, the victim gave out a six-digit verification code sent to him via text message to prove that he was the rightful owner of the Apple account. After getting all the information they wanted, the attacker hung up and accessed the MetaMask account via the details stored on the iCloud server.
Meanwhile, the victim was angry about the incident after MetaMask posted the warnings to alert other users of the imminent phishing attack. He vents his frustration with the company by saying that it should have told the users about the dangers of saving their passwords on iCloud before the phishing attack.
He further added that if 90% of users were aware of this flaw, no one among them would have enabled the iCloud features or even used the app on their devices.
However, the response to MetaMask’s warning has been supportive; many believe there should be alternatives like using cold storage to save login details. Some emphasize being diligent when holding assets in hot wallets like MetaMask.
At Tokenhell, we help over 5,000 crypto companies amplify their content reach—and you can join them! For inquiries, reach out to us at info@tokenhell.com. Please remember, cryptocurrencies are highly volatile assets. Always conduct thorough research before making any investment decisions. Some content on this website, including posts under Crypto Cable, Sponsored Articles, and Press Releases, is provided by guest contributors or paid sponsors. The views expressed in these posts do not necessarily represent the opinions of Tokenhell. We are not responsible for the accuracy, quality, or reliability of any third-party content, advertisements, products, or banners featured on this site. For more details, please review our full terms and conditions / disclaimer.