Crypto wallet warns of iCloud phishing attack that led to $650K in stolen assets

Posted:
in General Discussion
Crypto wallet MetaMask is warning Apple iCloud users of a new phishing attack that could lead to stolen non-fungible tokens or cryptocurrencies.

iCloud backups
iCloud backups


The blockchain company noted that iCloud backups for app data will include a user's password-encrypted MetaMask vault. If the password isn't strong enough, the vault could be stolen and compromised during another type of attack.

Apparently, that isn't just a theoretical risk. On April 14, MetaMask user Domenic Iacovone took to Twitter to claim that his crypto wallet was completely stolen. Some of the digital assets that were lost included a number of non-fungible tokens (NFTs) and about $100,000 in Apecoin.

Iacovone said the saga started when he received a call on his iPhone that read as an Apple number on caller ID. When he called the number back, the scammers asked for a code that was sent to his device. A few seconds later, his wallet was wiped.

Hey y'all, let's see how amazing this community can be. My entire wallet was just stolen. Totally wiped out,

MAYC 28478, MAYC 8952, MAYC 7536

Gutter cat 2280 , 2769, 2325
Also stole 100k in ape coin.
Looking for all the help I can get.

100kreward @BoredApeYC @GutterCatGang

-- Domenic Iacovone (@revive_dom)


In other words, the attackers broke into Iacovone's iCloud account and called him to phish for the two-factor authentication code. When he provided it, they were able to compromise his MetaMask vault and steal his assets.

MetaMask, for its part, says that users disable iCloud backup for MetaMask specifically in the Manage Storage section of a user's iCloud settings.

Users can also protect themselves from phishing attacks by avoiding giving out any sensitive information to callers. Spoofing an official number or caller ID tag is a common tactic among scammers. Additionally, Apple will never ask for a two-factor authentication code over the phone.

Instead of calling back a number directly, users should find the official customer support line from a company's website and call that number to verify.

This is far from the first time that NFTs or cryptocurrencies have been stolen in a phishing attack. Back in February, nearly $1.7 million worth of digital assets were stolen in an attack on OpenSea users.

Read on AppleInsider

Comments

  • Reply 1 of 6
    The article says that they broke in to his iCloud and then got him to divulge the 2fa.

    I hope the author of the article is just smoking a little crack today, and that it’s just a word sequence problem, because the statement is extremely misleading.  A tech writer on AppleInsider surely knows that there was no break-in, which is why they needed the 2fa, because they just initiated an iForgot on his Apple ID, and then called him.

    At no time was iCloud broken into, or hacked, or compromised itself.  They tricked the guy into giving them
    access to his account.

    jas99jcs2305lkruppPetrolDaveFileMakerFellerDAalsethwatto_cobra
  • Reply 2 of 6
    tokyojimutokyojimu Posts: 529member
    He didn’t really lose anything. It was all non-real assets that will be worth nothing in the end anyway. 


    DAalsethwatto_cobra
  • Reply 3 of 6
    lkrupplkrupp Posts: 10,557member
    So yet another dumbass falls for social engineering. How may times do people need to be told companies like Apple simply do not make calls like this asking for credentials? Now let’s see if he tries to sue someone (Metamask, Apple) for his stupidity. My guess is he will try.
    edited April 2022 FileMakerFellerwatto_cobra
  • Reply 4 of 6
    lkrupplkrupp Posts: 10,557member
    The article says that they broke in to his iCloud and then got him to divulge the 2fa.

    I hope the author of the article is just smoking a little crack today, and that it’s just a word sequence problem, because the statement is extremely misleading.  A tech writer on AppleInsider surely knows that there was no break-in, which is why they needed the 2fa, because they just initiated an iForgot on his Apple ID, and then called him.

    At no time was iCloud broken into, or hacked, or compromised itself.  They tricked the guy into giving them
    access to his account.

    Yeah, AppleInsider, explain how they “broke into” his iCloud account before they called and asked him for his 2FA code. I can also “break into” anyone’s iCloud if I know their Apple ID, which is often their email address. Oh wait, I can’t actually login without the code. This sounds like the guy was specifically targeted too.
    edited April 2022 jcs2305watto_cobra
  • Reply 5 of 6
    We're starting to see an increasing correlation between people who get into crypto and people who believe anything they're told. Hmm.
    DAalsethlkruppjcs2305watto_cobra
  • Reply 6 of 6
    In this support section is explained somethiing about app-specific passwords.

    Does this kind of security protects against this kind of attack?


    watto_cobra
Sign In or Register to comment.