MetaMask Warns against Phishing Attacks on Apple Devices

Monday, 18/04/2022 | 09:30 GMT by Arnab Shome
  • There is a security flaw with iCloud’s automatic app backup.
  • Hackers can access the seed phrase of the wallet from a compromised iCloud account.
MetaMask - Edited

The crypto wallet provider, MetaMask issued a warning to its user base against Apple iCloud phishing attacks who are using the cryptocurrency platform on an Apple device.

In an elaborated Twitter thread on Sunday, the ConsenSys-owned crypto wallet said that there is a security issue for the users who are using the platform on iPhone, Mac and iPad. The Apple devices store the users’ seed phrase by default on the iCloud when the automatic backup for app data is enabled.

It is a major security flaw and allows the attackers to target vulnerable users with phishing tactics, gaining access to their MetaMask wallet.
Additionally, the crypto wallet provider shared the process of disabling automatic app backups on Apple devices that can prevent such attacks.

A Widely Used Crypto Wallet

MetaMask is a massive crypto wallet platform that can be connected with decentralized finance (DeFi) platforms and other blockchain -based applications. It had 10 million active monthly users, according to official data published last August.

The users of this wallet are not new to phishing attacks as the platform issued similar warnings earlier.

The latest warning against the vulnerability of Apple devices came after a MataMask user lost $650,000 worth of cryptocurrencies and non-fungible tokens (NFTs) due to a specific security flaw.

The victim received multiple text messages from the attackers to reset their Apple passwords. In addition, they received a fraudulent call with spoofed caller ID who disguised themselves to be from Apple and received a six-digit verification code from the victim to authenticate their ownership of the account.

The attackers subsequently accessed the MetaMask wallet and drained all the stored funds.

“I’m not saying they shouldn’t do it, but they should tell us,” the victim said after the MetaMask warning. “Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90% of the people knew this, I would bet none of them would have the app or iCloud on.”

The crypto wallet provider, MetaMask issued a warning to its user base against Apple iCloud phishing attacks who are using the cryptocurrency platform on an Apple device.

In an elaborated Twitter thread on Sunday, the ConsenSys-owned crypto wallet said that there is a security issue for the users who are using the platform on iPhone, Mac and iPad. The Apple devices store the users’ seed phrase by default on the iCloud when the automatic backup for app data is enabled.

It is a major security flaw and allows the attackers to target vulnerable users with phishing tactics, gaining access to their MetaMask wallet.
Additionally, the crypto wallet provider shared the process of disabling automatic app backups on Apple devices that can prevent such attacks.

A Widely Used Crypto Wallet

MetaMask is a massive crypto wallet platform that can be connected with decentralized finance (DeFi) platforms and other blockchain -based applications. It had 10 million active monthly users, according to official data published last August.

The users of this wallet are not new to phishing attacks as the platform issued similar warnings earlier.

The latest warning against the vulnerability of Apple devices came after a MataMask user lost $650,000 worth of cryptocurrencies and non-fungible tokens (NFTs) due to a specific security flaw.

The victim received multiple text messages from the attackers to reset their Apple passwords. In addition, they received a fraudulent call with spoofed caller ID who disguised themselves to be from Apple and received a six-digit verification code from the victim to authenticate their ownership of the account.

The attackers subsequently accessed the MetaMask wallet and drained all the stored funds.

“I’m not saying they shouldn’t do it, but they should tell us,” the victim said after the MetaMask warning. “Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90% of the people knew this, I would bet none of them would have the app or iCloud on.”

About the Author: Arnab Shome
Arnab Shome
  • 6670 Articles
  • 102 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6670 Articles
  • 102 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}