The crypto wallet service provider, MetaMask, has raised alarms over what it perceives as a well-planned phishing attack targeting users of Apple tech products.
The company sent out warnings to its community after observing some likely security system breaches on Apple products triggered when an Apple user activates an automatic iCloud backup of the MetaMask wallet. Their data and other personal details are stored online.
A cursory look into the issue reveals that there is a potential security system defect for iPhone, Mac, and iPad devices, which are all linked to default settings that enable a user’s password for the encrypted MetaMask vault stored on iCloud, especially when an automatic backup of app data is enabled.
On April 18, MetaMask posted a statement on its Twitter thread emphasizing that many users are at risk of losing their assets if their passwords are not strong enough to keep hackers at arm’s length. Additionally, attackers could be able to infiltrate the Apple iCloud and fish out users’ logging details with ease.
Therefore, the best way to prevent this from happening, as stated by MetaMask, is for users to deactivate or disable the automatic iCloud backup for MetaMask on their Apple devices.
NFT Collector Shares Phishing Attempts
The phishing warning from MetaMask is spurred by a report from an NFT collector using the alias on Twitter, “revive _ dom,” who revealed on April 25 the entire content of his wallet, which has $650,000 worth of digital collections, was emptied via phishing.
In another post, the DAPE NFT project also attracted the attention of the MetaMask team after it shared with its followers on Twitter what transpired to a victim of phishing.
According to them, multiple text messages were sent to the victim requesting a reset of his Apple password alongside picking up a call that was falsely purported to be from Apple, which turned out to be a spoof caller ID intended to get more information from him.
Unsuspecting the attacker’s motive, the victim gave out a six-digit verification code sent to him via text message to prove that he was the rightful owner of the Apple account. After getting all the information they wanted, the attacker hung up and accessed the MetaMask account via the details stored on the iCloud server.
Meanwhile, the victim was angry about the incident after MetaMask posted the warnings to alert other users of the imminent phishing attack. He vents his frustration with the company by saying that it should have told the users about the dangers of saving their passwords on iCloud before the phishing attack.
He further added that if 90% of users were aware of this flaw, no one among them would have enabled the iCloud features or even used the app on their devices.
However, the response to MetaMask’s warning has been supportive; many believe there should be alternatives like using cold storage to save login details. Some emphasize being diligent when holding assets in hot wallets like MetaMask.
Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at info@tokenhell.com if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.
