MetaMask, a crypto wallet service owned by ConsenSys, warned iPhone users against phishing attacks.
The warning came after a Twitter user named “revive_dom”, an NFT collector apparently lost their entire wallet that contains various NFTs and digital assets last April 15. The entire value of stolen assets was apparently USD650,000 (around Php33.9 million).
🔒 If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds. (Read on 👇) 1/3
— MetaMask 🦊💙 (@MetaMask) April 17, 2022
As per MetaMask, there’s a vulnerability that can be exploited for users on iPhone, Mac, and iPad.
Apparently, Apple’s iCloud backup feature, which automatically saves data to the cloud for multi-device users, also saves MetaMask wallet data and seed phrase.
Related
- Apple Lightning Cable knockoff can contain keyloggers, steal passwords
- How to buy and sell crypto on PayMaya
To prevent this from happening, the company recommends that you disable iCloud backups specifically for MetaMask. You can do so by going to your device’s Settings > Profile > iCloud > Manage Storage > Backups.
You can also stop your Apple device from future backup requests by going to Settings > Apple ID/iCloud > iCloud > iCloud backup.
It’s also best to make a stronger password that’s tougher to crack. Experts suggests using three random words as a password, which should be easy to remember while also being harder to crack, even with brute force systems.