The Right Place to Buy, Exchange and Borrow against Your Crypto.

Get Started
MetaMask warns Apple users of ‘phishing attack’ after scammer steals $650K in NFTs, ApeCoin from iPhone user MetaMask warns Apple users of ‘phishing attack’ after scammer steals $650K in NFTs, ApeCoin from iPhone user

MetaMask warns Apple users of ‘phishing attack’ after scammer steals $650K in NFTs, ApeCoin from iPhone user

MetaMask advised people with Apple devices to turn off iCloud storage after an iPhone user was scammed out of $650,000 worth of NFTs and ApeCoin.

MetaMask warns Apple users of ‘phishing attack’ after scammer steals $650K in NFTs, ApeCoin from iPhone user

Cover art/illustration via CryptoSlate

MetaMask warned Apple users to be wary of phishing attacks on April 17 after an iPhone user was scammed out of $650,000 worth of NFTs and ApeCoin (APE).

According to MetaMask, there is a security issue with the default settings on devices like the iPhone, iPad, and MacBook that allows malicious actors to see the seed phrase or “password-encrypted MetaMask vault” stored on Apple’s iCloud storage service.

Identifying the problem

On April 15, Twitter user Domenic Iacovone complained that he had lost all the non-fungible tokens (NFTs) in his wallet. This included three Mutant Apes, three Gutter Cats, and $100,000 in ApeCoin. 

Iacovone said he got a call on his phone that caller ID flagged as an Apple number. He initially did not pick up but called it back since the caller ID said it was from Apple.

Spoofed Apple number
Spoofed Apple number — Source: @Serpent

However, the caller was a scammer using a spoofed number. He asked Iacovone for a code sent to his phone under the pretense of being an Apple representative. Iacovone said he lost everything in his Metamask wallet seconds after sharing the code with the scammer.

Explaining the attack

Twitter user @Serpent, founder of crypto threat mitigation system Sentinel, explained the process for the phishing attack. According to him, the attacker used a caller ID spoofer which made them seem like they were from Apple, and claimed that there was suspicious activity on the account.

The scammer then requested a password reset for the victim’s Apple ID. The victim will get a code for resetting, and the scammer asks for that code, claiming it’s to verify they own the Apple ID.

In reality, the scammer uses the code to reset the victim’s password, which gives them access to the iCloud account. If MetaMask data is stored on iCloud, they can access it and steal the victims’ assets.

MetaMask’s proposed solution 

MetaMask has urged its users to disable iCloud backups for their application by using this toggle: “Settings > Profile > iCloud > Manage Storage > Backups.”

For those who want to turn off the feature entirely, they can do so at “Settings > Apple ID/iCloud > iCloud > iCloud Backup.”

Phishing attacks and the crypto space

This is not the first phishing attack scheme that the crypto industry has unraveled this year. OpenSea users faced “phishing attacks” that led to them losing millions of dollars; another attack saw the co-founder of Defiance lose $1.8 million worth of NFTs.

With the prevalence of such attacks and the rising sophistication of the methods employed, industry security experts have advised crypto holders to use cold wallets and avoid connecting their wallets to random websites.

Posted In: Hacks

Read Our Latest Market Report

Connect your wallet, trade with Orion Swap Widget.

Directly from this Widget: the top CEXs + DEXs aggregated through Orion. No account, global access.