MetaMask warned Apple users to be wary of phishing attacks on April 17 after an iPhone user was scammed out of $650,000 worth of NFTs and ApeCoin (APE).
According to MetaMask, there is a security issue with the default settings on devices like the iPhone, iPad, and MacBook that allows malicious actors to see the seed phrase or “password-encrypted MetaMask vault” stored on Apple’s iCloud storage service.
? ប្រសិនបើអ្នកបានបើកដំណើរការការបម្រុងទុក iCloud សម្រាប់ទិន្នន័យកម្មវិធី វានឹងរួមបញ្ចូលតុដេក MetaMask ដែលបានអ៊ិនគ្រីបពាក្យសម្ងាត់របស់អ្នក។ ប្រសិនបើពាក្យសម្ងាត់របស់អ្នកមិនរឹងមាំគ្រប់គ្រាន់ ហើយមាននរណាម្នាក់លួចបន្លំព័ត៌មានសម្ងាត់ iCloud របស់អ្នក វាអាចមានន័យថាត្រូវបានលួច។ (អានបន្ត?) 1/3
- MetaMask ?? (@MetaMask) ខែមេសា 17, 2022
ការកំណត់អត្តសញ្ញាណបញ្ហា
On April 15, Twitter user Domenic Iacovone complained that he had lost all the non-fungible tokens (NFTs) in his wallet. This included three Mutant Apes, three Gutter Cats, and $100,000 in ApeCoin.
Iacovone said he got a call on his phone that caller ID flagged as an Apple number. He initially did not pick up but called it back since the caller ID said it was from Apple.
However, the caller was a scammer using a spoofed number. He asked Iacovone for a code sent to his phone under the pretense of being an Apple representative. Iacovone said he lost everything in his Metamask wallet seconds after sharing the code with the scammer.
នេះជារបៀបដែលវាបានកើតឡើង បានទទួលការហៅទូរស័ព្ទពី apple ព្យញ្ជនៈពី apple (នៅលើលេខសម្គាល់អ្នកហៅរបស់ខ្ញុំ) បានហៅវាមកវិញព្រោះខ្ញុំសង្ស័យថាជាលេខ apple ។ ដូច្នេះខ្ញុំជឿពួកគេ។
ពួកគេបានសុំលេខកូដដែលបានផ្ញើមកទូរស័ព្ទរបស់ខ្ញុំ ហើយ 2 វិនាទីក្រោយមក MetaMask ទាំងមូលរបស់ខ្ញុំត្រូវបានលុបចោល— Domenic Iacovone (@revive_dom) ខែមេសា 14, 2022
Explaining the attack
Twitter user @Serpent, founder of crypto threat mitigation system Sentinel, explained the process for the phishing attack. According to him, the attacker used a caller ID spoofer which made them seem like they were from Apple, and claimed that there was suspicious activity on the account.
? NEW PHISHING SCAM ?
Already $650,000 stolen from a single individual and it’s going to happen to a lot more people.
This is how it happened ??
— សត្វពស់ (@Serpent) ខែមេសា 17, 2022
The scammer then requested a password reset for the victim’s Apple ID. The victim will get a code for resetting, and the scammer asks for that code, claiming it’s to verify they own the Apple ID.
In reality, the scammer uses the code to reset the victim’s password, which gives them access to the iCloud account. If MetaMask data is stored on iCloud, they can access it and steal the victims’ assets.
MetaMask’s proposed solution
MetaMask has urged its users to disable iCloud backups for their application by using this toggle: “Settings > Profile > iCloud > Manage Storage > Backups.”
អ្នកអាចបិទការបម្រុងទុក iCloud សម្រាប់ MetaMask ជាពិសេសដោយបិទបិទបើកនៅទីនេះ៖
ការកំណត់ > ប្រវត្តិរូប > iCloud > គ្រប់គ្រងការផ្ទុក > ការបម្រុងទុក។
2/3- MetaMask ?? (@MetaMask) ខែមេសា 17, 2022
For those who want to turn off the feature entirely, they can do so at “Settings > Apple ID/iCloud > iCloud > iCloud Backup.”
Phishing attacks and the crypto space
This is not the first phishing attack scheme that the crypto industry has unraveled this year. អូសា។ users faced “phishing attacks” that led to them losing millions of dollars; another attack ឃើញ the co-founder of Defiance lose $1.8 million worth of NFTs.
With the prevalence of such attacks and the rising sophistication of the methods employed, industry security experts have advised crypto holders to use cold wallets and avoid connecting their wallets to random websites.
Source: https://cryptoslate.com/metamask-warns-apple-users-of-phishing-attack-after-scammer-steals-650k-in-nfts-apecoin-from-iphone-user/