When the user turns on the automatic backup function of iCloud, the password on the MetaMask wallet will be stored online, which becomes a vulnerability for hacker attacks.
On April 17, an NFT investor nicknamed “recovery_dom” stole 132.86 ETH and over 252,400 USDT, totaling around $655,000, from the MetaMask wallet due to iCloud security issues. Prominent NFT investor Serpent has warned users about the scam.
According to Serpent, due to suspicious activity, the person received a series of messages asking to reset the Apple ID password. Meanwhile, @revive_dom has received numerous calls posing as Apple employees. Out of an abundance of caution, @revive_dom sent Apple employee impersonators a personal iCloud password reset verification code.
Shortly after, the attackers stole all the assets in the victim’s MetaMask wallet.
The official MetaMask Twitter channel warned users about the iCloud attack after Serpent was released. Specifically, this security issue occurs when users turn on automatic backups on Apple devices. After that, the security key (password) of the digital wallet will be stored on the platform.
MetaMask warns that if a user’s iCloud account password is weak and insecure, the password could be stolen. Attackers can trick users into obtaining login credentials and steal the security characters of cryptocurrency wallets.
According to MetaMask, to turn off automatic backups on Apple devices, users need to go to Settings > Apple ID/iCloud > iCloud Backup and choose to disable the feature.
NFT investor Serpent also gave his personal experience after being attacked. According to Serpent, users should use cold wallets to store cryptocurrencies and never reveal personal information to anyone.
“It’s important to note that caller information can be easily spoofed. A big company like Apple would never call a user,” Serpent added.