Popular software crypto wallet MetaMask has issued a warning about possible phishing attacks through Apple’s cloud service iCloud. The warning comes after scammers managed to steal USD 650,000 worth of crypto using this attack vector.
The company detailed that MetaMask vaults, the encrypted passwords also known as seed phrases, are uploaded to iCloud if the backup option is enabled. This would enable scammers to gain access to the seed phrase as soon as they compromise a user’s iCloud account.
"If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault," MetaMask said. "If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds."
MetaMask also provided users with a guide on how to disable iCloud backups for MetaMask.
The warning comes after scammers used this attack vector to drain funds from a user's MetaMask wallet. Called Domenic Iacovone on Twitter, the user says he received a call from "Apple."
The user got multiple text messages asking him to reset his Apple ID password on April 15, according to Serpent, founder of Sentinel, a discord and crypto threat mitigation system.
The messages came from a spoofed caller ID trying to impersonate "Apple Inc." They said there was suspicious activity on the victim's Apple ID and asked for a one-time verification code to prove the owner of the Apple ID account.
"After giving the 6 digit verification code, the scammers hung up and his MetaMask wallet was wiped, with over [USD] 650,000 stolen," Serpent said, adding that this was possible because the user's seed phrase was saved on their iCloud.
3/ MetaMask actually saves your seed phrase file on your iCloud. The scammers requested a password
Read more on cryptonews.com