An iCloud crypto wallet attack saw an estimated $650,000 worth of cryptocurrency and NFTs stolen from a trader within seconds.
While the attack relied on a sophisticated piece of phishing, it also revealed a key iCloud vulnerability with MetaMask …
CNET reports.
Domenic Lacovone recieved an unusual phone call from Apple on Friday night. He’d recieved several messages asking him to reset his Apple ID password, and so suspected the caller of being a scam. But the call came through on his iPhone as Apple Inc., with a number associated with Apple’s online store, so rang back. The person the other side of the phone said Iacovone’s account had been compromised, and that they needed the one-time code Apple sent to his iPhone to ensure he was the account’s owner. Iacovone gave it to them. Two seconds later, he recounted in a Twitter thread, his crypto wallet was wiped dry.
An estimated $650,000-worth of cryptocurrencies and NFTs were gone in an instant.
The phishing explains how the thief got access to his iCloud account, but how did they use that to access his MetaMask cryptocurrency wallet?
The answer, as unearthed by a crypto security expert who goes by Serpent, is that using the MetaMask app on iPhone automatically stores a seed phrase file onto iCloud […]
“Key takeaways,” Serpent wrote in their Twitter thread. “Always use a cold wallet to store your valuables. Never give out verification codes to anyone. Protect your information, don’t give out your phone number or your personal email. Caller information is easy to spoof. Companies like Apple will never call you.”
“Already $650,000 stolen from a single individual and it’s going to happen to a lot more people,” he wrote.
MetaMask had not responded to CNET’s request for comment at the time of writing but did tweet a warning, with instructions on how to disable the backup.
Photo: Art Rachen/Unsplash
FTC: We use income earning auto affiliate links. More.
Comments