MetaMask Alerts Apple Users After Collector Loses $650,000 In NFTs To iCloud Phishing Exploit

  • Decentralized digital wallet MetaMask notified Apple users of a key security concern regarding their private seed phrase
  • MetaMask asked users to disable automatic iCloud backups for their wallets
  • The alert follows news of a user who lost an estimated $650,000 in NFTs and digital assets after falling prey to a phishing attack

MetaMask, an Ethereum wallet developed by blockchain company ConsenSys, has advised Apple users to disable automatic backups for their wallets in order to mitigate security breaches and avoid phishing attacks.

According to a thread published by the digital wallet provider on Sunday (April 17, 2022), users run the risk of getting hacked if they allow iCloud to back up their MetaMask data and passwords. The verified wallet handle also provided instructions on how to address this security concern.

MetaMask User Cries Out After Phishing Attack Steals Over $600,000 in NFTs

The ConsenSys-developed application recently rolled out fiat-based payment support for mobile users on Apple’s iOS devices. Shortly after, an NFT collector with the Twitter name ‘revive_dom’ informed the community of an exploit on his wallet. 

Details from the thread posted by the user on Friday (April 15, 2022) revealed that a number of NFTs from highly rated and verified collections were stolen. 

Hey y’all, let’s see how amazing this community can be. My entire wallet was just stolen. Totally wiped out, MAYC 28478, MAYC 8952, MAYC 7536, Gutter cat 2280, 2769, 2325. Also stole 100k in ape coin. Looking for all the help I can get.

According to revive_dom, they received several texts claiming that Apple’s systems spotted suspicious activity related to their Apple ID. The texts also asked the user to reset their password. 

They also supposedly received a call that showed “Apple Inc” as the caller ID, but the caller turned out to be an illicit actor. After receiving a six-digit verification code from revive_dom, the unidentified caller ended the call and proceeded to compromise the user’s Apple ID.

After gaining control, the exploiter accessed the collector’s MetaMask vault and stole NFTs worth an estimated $650,000. Although revive_dom has not reclaimed their assets as of the time of writing this report, the user has received significant support from the community.

Dape NFT founder and social media figure ‘Serpent’ tweeted a detailed report of the incident and attached details of the security loophole for future reference.

Leading marketplace OpenSea has also reportedly flagged the stolen NFTs on their platform.