The crypto wallet provider, MetaMask issued a warning to its user base against Apple iCloud phishing attacks who are using the cryptocurrency platform on an Apple device.
In an elaborated Twitter thread on Sunday, the ConsenSys-owned crypto wallet said that there is a security issue for the users who are using the platform on iPhone, Mac and iPad. The Apple devices store the users’ seed phrase by default on the iCloud when the automatic backup for app data is enabled.
It is a major security flaw and allows the attackers to target vulnerable users with phishing tactics, gaining access to their MetaMask wallet.
Additionally, the crypto wallet provider shared the process of disabling automatic app backups on Apple devices that can prevent such attacks.
A Widely Used Crypto Wallet
MetaMask is a massive crypto wallet platform that can be connected with decentralized finance (DeFi) platforms and other blockchain -based applications. It had 10 million active monthly users, according to official data published last August.
The users of this wallet are not new to phishing attacks as the platform issued similar warnings earlier.
The latest warning against the vulnerability of Apple devices came after a MataMask user lost $650,000 worth of cryptocurrencies and non-fungible tokens (NFTs) due to a specific security flaw.
The victim received multiple text messages from the attackers to reset their Apple passwords. In addition, they received a fraudulent call with spoofed caller ID who disguised themselves to be from Apple and received a six-digit verification code from the victim to authenticate their ownership of the account.
The attackers subsequently accessed the MetaMask wallet and drained all the stored funds.
“I’m not saying they shouldn’t do it, but they should tell us,” the victim said after the MetaMask warning. “Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90% of the people knew this, I would bet none of them would have the app or iCloud on.”
