MetaMask iPhone Users Susceptible to Phishing Attack
MetaMask, the popular DeFi wallet/browser extension, has issued a warning to all Apple users of possible iCloud phishing attacks.
In a tweet put out by the official MetaMask Twitter, the company stated that the encrypted passwords for users' crypto accounts (MetaMask Vaults), are automatically being uploaded to Apple’s cloud service if the iCloud option is enabled on the app.
This could open users to a potential security risk where a phishing account compromises a user's iCloud account in turn, taking all passwords linked to crypto wallets connected to the account.
People were tipped off by a Twitter user going under the alias “Domenic Iacovone” when he shared details of his funds held in a MetaMask wallet being “totally wiped out” by hackers.
“Got a phone call from Apple, literally from Apple (on my caller ID). Called it back because I suspected fraud and it was an Apple number. So I believed them. They asked for a code that was sent to my phone, and 2 seconds later, my entire MetaMask was wiped,” he wrote on April 15.
As per Domenic, the wallets were said to be holding valuable NFTs from the Mutant Ape Yacht Club (MAYC) collection, which included MAYC 28478, MAYC 8952, and MAYC 7536. It also had $100,000 in ApeCoin and other NFTs.
Iacovone is offering a $100,000 reward for any help he can get in recovering his stolen funds. According to the founder of Dape NFT, “Serpent”, the wallet contained up to $650,000.
In a follow-up Twitter thread Serpent explained the hack in detail, saying “MetaMask actually saves your seed phrase file on your iCloud. The scammers requested a password reset for the victim's Apple ID. After receiving the 2FA code, they were able to take control over the Apple ID, and access iCloud which gave them access to the victim's MetaMask.”
People should be wary of where you hold the keys to any of your wallets, but the last place it should be is in the cloud. Hackers have gotten smarter so we must too. If we are to continue to grow and engage within this community, it is our responsibility to do better, for stories like these only slow the adoption for the public.