MetaMask Warns against Phishing Attacks on Apple Devices
- There is a security flaw with iCloud’s automatic app backup.
- Hackers can access the seed phrase of the wallet from a compromised iCloud account.
The crypto wallet provider, MetaMask issued a warning to its user base against Apple iCloud phishing
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Read this Term attacks who are using the cryptocurrency platform on an Apple device.
In an elaborated Twitter thread on Sunday, the ConsenSys-owned crypto wallet said that there is a security issue for the users who are using the platform on iPhone, Mac and iPad. The Apple devices store the users’ seed phrase by default on the iCloud when the automatic backup for app data is enabled.
🔒 If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds. (Read on 👇) 1/3
— MetaMask 🦊💙 (@MetaMask) April 17, 2022
It is a major security flaw and allows the attackers to target vulnerable users with phishing tactics, gaining access to their MetaMask wallet.
Additionally, the crypto wallet provider shared the process of disabling automatic app backups on Apple devices that can prevent such attacks.
A Widely Used Crypto Wallet
MetaMask is a massive crypto wallet platform that can be connected with decentralized finance (DeFi) platforms and other blockchain
Blockchain
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tampe
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tampe
Read this Term-based applications. It had 10 million active monthly users, according to official data published last August.
The users of this wallet are not new to phishing attacks as the platform issued similar warnings earlier.
The latest warning against the vulnerability of Apple devices came after a MataMask user lost $650,000 worth of cryptocurrencies and non-fungible tokens (NFTs) due to a specific security flaw.
The victim received multiple text messages from the attackers to reset their Apple passwords. In addition, they received a fraudulent call with spoofed caller ID who disguised themselves to be from Apple and received a six-digit verification code from the victim to authenticate their ownership of the account.
The attackers subsequently accessed the MetaMask wallet and drained all the stored funds.
“I’m not saying they shouldn’t do it, but they should tell us,” the victim said after the MetaMask warning. “Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90% of the people knew this, I would bet none of them would have the app or iCloud on.”
The crypto wallet provider, MetaMask issued a warning to its user base against Apple iCloud phishing
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Read this Term attacks who are using the cryptocurrency platform on an Apple device.
In an elaborated Twitter thread on Sunday, the ConsenSys-owned crypto wallet said that there is a security issue for the users who are using the platform on iPhone, Mac and iPad. The Apple devices store the users’ seed phrase by default on the iCloud when the automatic backup for app data is enabled.
🔒 If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds. (Read on 👇) 1/3
— MetaMask 🦊💙 (@MetaMask) April 17, 2022
It is a major security flaw and allows the attackers to target vulnerable users with phishing tactics, gaining access to their MetaMask wallet.
Additionally, the crypto wallet provider shared the process of disabling automatic app backups on Apple devices that can prevent such attacks.
A Widely Used Crypto Wallet
MetaMask is a massive crypto wallet platform that can be connected with decentralized finance (DeFi) platforms and other blockchain
Blockchain
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tampe
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tampe
Read this Term-based applications. It had 10 million active monthly users, according to official data published last August.
The users of this wallet are not new to phishing attacks as the platform issued similar warnings earlier.
The latest warning against the vulnerability of Apple devices came after a MataMask user lost $650,000 worth of cryptocurrencies and non-fungible tokens (NFTs) due to a specific security flaw.
The victim received multiple text messages from the attackers to reset their Apple passwords. In addition, they received a fraudulent call with spoofed caller ID who disguised themselves to be from Apple and received a six-digit verification code from the victim to authenticate their ownership of the account.
The attackers subsequently accessed the MetaMask wallet and drained all the stored funds.
“I’m not saying they shouldn’t do it, but they should tell us,” the victim said after the MetaMask warning. “Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90% of the people knew this, I would bet none of them would have the app or iCloud on.”