MetaMask asks Apple users to disable automatic iCloud backups for their wallets after a user lost $650,000 worth of NFTs in a phishing attack
Daniel Levi
Posted On April 18, 2022
Another day, another phishing attack. Just last week, we warned about new phishing tactics disguised as fun. Now, a user of crypto wallet Metamask has become the latest victim of non-fungible token (NFT) phishing attacks.
In an announcement on Monday, MetaMask asked Apple users to disable the automatic iCloud backups for their wallets after a user lost $650,000 worth of NFTs in a phishing attack. The crypto wallet startup became aware of the attack after the victim took it out to Twitter. The user, named Domenic Iacovone, explained in a tweet to his community how he lost almost $650,000 in assets.
“Hey y’all, let’s see how amazing this community can be. My entire wallet was just stolen. Totally wiped out, MAYC 28478, MAYC 8952, MAYC 7536
Gutter cat 2280 , 2769, 2325
Also stole 100k in ape coin.
Looking for all the help I can get.100kreward
@BoredApeYC@GutterCatGang,” Iacovone tweeted.
Hey y’all, let’s see how amazing this community can be. My entire wallet was just stolen. Totally wiped out,
MAYC 28478, MAYC 8952, MAYC 7536
Gutter cat 2280 , 2769, 2325
Also stole 100k in ape coin.
Looking for all the help I can get.100kreward @BoredApeYC @GutterCatGang
— Domenic Iacovone (@revive_dom) April 14, 2022
Domenic also added in a series of tweets about how it all started and explained how the hackers gained control of his NFTs.
“This is how it happened, Got a phone call from apple, literally from apple (on my caller Id) Called it back because I suspected fraud and it was an apple number. So I believed them They asked for a code that was sent to my phone and 2 seconds later my entire MetaMask was wiped.
Immediately after the attackers gained control, they accessed Domenic’s vault and stole NFTs and ApeCoin worth $650k.
The founder of Dape NFT, who goes by the handle Serpent, also did some digging and provided a detailed report about how the attackers managed to gain access to Domenic’s vault.
https://twitter.com/Serpent/status/1515545812423839745
In response to the victim’s tweets, MetaMask said told its community about the rising phishing attacks and warned the users to stay cautious and protect their NFT assets. In a series of tweets, MetaMask said:
“If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds. (Read on 👇) 1/3.”
https://twitter.com/MetaMask/status/1515727239391809536
https://twitter.com/MetaMask/status/1515727241245732867
MetaMask is a software crypto wallet used on the Ethereum blockchain network to enable users to access their Ethereum wallet through a browser extension or mobile app, which can then be used to interact with decentralized applications.
Trending Now
