$650,000 NFT Phishing Attack Blamed On iCloud And Weak Password, Not A MetaMask, DeFi Wallet or Trust Wallet Vulnerability

1 min read

crypto phishing vulnerability

MetaMask is reactively warning subscribers to protect their wallet crypto holdings by disabling iCloud backups. They also stressed the importance of using a strong password for iCloud.

The victim tweeted about the incident:

Metamask Phishing Attack

iCloud phishing tweet

Here is the Daily Hodl’s account:

crypto phishing
Hacker: Image by Pete Linforth from Pixabay 

Crypto Phishing Vulnerability

A popular crypto wallet is warning its users about a cloud-storage vulnerability that could put their funds at risk of a phishing attack.

In a series of tweets, MetaMask explains how a combination of weak passwords and certain default backup settings while using Apple’s iCloud service could impact their crypto holdings.

“If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault.

If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds.”

Prevention Steps

MetaMask next provides step-by-step instructions about how to adjust iCloud backup settings to help protect their data.

“You can disable iCloud backups for MetaMask specifically by turning off the toggle here:

Settings > Profile > iCloud > Manage Storage > Backups.

If you want to avoid iCloud surprising you with unrequested backups in the future, you can turn off this feature at:

Settings > Apple ID/iCloud > iCloud > iCloud Backup.”

NFT Theft

The announcement comes after a non-fungible token (NFT) collector tweeted that he had lost his “entire wallet” after his Apple account was hacked.

According to the founder of crypto threat mitigation system Sentinel, the NFT collector lost $650,000 worth of digital assets after the user’s seed phrase was saved on the iCloud. The bad actors requested a password reset for the user’s Apple ID, which gave them access to the victim’s MetaMask credentials.

MetaMask’s software-based cryptocurrency wallet is available as a browser extension or mobile app. The project is backed by New York-based ConsenSys, a leading Ethereum-focused development studio.

Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any loses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Original article can be found at;//dailyhodl.com/2022/04/19/crypto-wallet-metamask-issues-warning-to-iphone-users-gives-directions-to-avoid-phishing-attacks/

Via this site