With cryptocurrencies such as Bitcoin (BTC) and Ether (ETH) becoming more popular these days, cybercriminals are now increasingly targeting digital currency owners in their scams. Crypto wallet MetaMask recently issued a warning to users about Apple iCloud phishing attacks.
The ConsenSys-owned crypto wallet provider warned users that they could end up losing their funds due to the phishing attack. This could happen if they have enabled iCloud backup for app data on their devices.
“If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault,” Metamask wrote in a Twitter post on April 18. “If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds.”
The company said that the vulnerability can be addressed by simply disabling the automatic backup feature. “You can disable iCloud backups for MetaMask specifically by turning off the toggle here: Settings > Profile > iCloud > Manage Storage > Backups,” Metamask added. “If you want to avoid iCloud surprising you with unrequested backups in the future, you can turn off this feature at: Settings > Apple ID/iCloud > iCloud > iCloud Backup.”
MetaMask’s warning is in response to reports about an NFT collector called “revive_dom” on Twitter who claimed that the entire content of his wallet was stolen due to this issue. The wallet reportedly contained both cryptos and NFTs collectively worth around $650,000, according to Cointelegraph.
DAPE NFT project founder “Serpent” was among those who first shared the story on Twitter alerting MetaMask to the phishing scam and giving an outline of the scam’s process. The attack starts with the scammer requesting random password resets, which makes the victim suspicious. “2) Using a caller ID spoofer, the scammer will call the victim as Apple and claim there is suspicious activity on the account,” Serpent wrote on Twitter.
“3) The scammer will request a password reset for the victim's Apple ID,” Serpent added. “4) The scammer will ask the victim for the code, claiming it is to verify they are the real owner of the Apple ID when in reality they are using that code to reset the victim's password.”
Once done, the scammer will gain access to the iCloud account of the victim. This also means that they have access to the MetaMask data stored on iCloud.
Meanwhile, “revive_dom” expressed his dissatisfaction after MetaMask issued the warning. “I’m not saying they shouldn’t do it but they should tell us. Don’t tell us to never store our seed phrase digitally and then do it behind our backs,” he wrote. “If 90% of the people knew this I would bet none of them would have the app or iCloud on.”