Application security, Security Architecture, Email security, Security Strategy, Plan, Budget

MetaMask issues phishing scam warning

MetaMask has warned about a new phishing attack targeted at iCloud backups following the theft of more than $655,000 from at least one user, BleepingComputer reports. "If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds," said MetaMask. The phishing attack involved the delivery of various text messages asking for an Apple account reset, with the attacker later spoofing an Apple Inc. number to warn about suspicious account activity. After providing the six-digit verification code from Apple to the fake support agents, the target had his MetaMask wallet emptied. Moreover, a final Apple account password reset enabled attackers to access their victim's iCloud data with MetaMask seed backups, facilitating the theft of $655,388 in cryptocurrency. Users have been urged to remove MetaMask from iCloud backups to avoid being impacted by such attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.