Author

Topic: Metamask iCloud backup phising scam... (Read 140 times)

legendary
Activity: 1932
Merit: 4602
Buy on Amazon with Crypto
June 17, 2022, 08:12:23 AM
#8
https://medium.com/metamask/security-notice-extension-disk-encryption-issue-d437d4250863
Security Notice: Extension Disk Encryption Issue
"Researchers from Halborn found a case where user keys could be found unencrypted on disk in rare edge cases, which has been fixed for MetaMask Extension versions 10.11.3 and later"
copper member
Activity: 28
Merit: 0
April 23, 2022, 01:48:40 AM
#7
Quite scary, though. That the process for this was quite simple for them to obtain the funds.

I would never personally, allow another service to backup my wallet, keep the secret phase somewhere safe, and every time I wish to access the wallet, just manually re-enter each time.

Just never share your secret phase with anyone.
legendary
Activity: 1624
Merit: 1200
Gamble responsibly
April 21, 2022, 05:24:39 AM
#6
Actually most of the time i check the threads beforehand but this time it was missed as i don't post on altcoin board of the forum and have not visited it from few days.But still this strike me to give newbies and others scam warning to be safe in this board as a help to them in detail on this matter.But good of you to mention that other thread also.
A thread about it has been created also on beginners and help before but it was locked after the first thread about it on this forum was known to the person that brought up the topic.

Metamask New Phishing Scam
member
Activity: 564
Merit: 50
April 21, 2022, 05:07:41 AM
#5
Just stop connecting wallets to weird pages

legendary
Activity: 1974
Merit: 2124
April 21, 2022, 05:00:55 AM
#4
This always remind us that never put everything in Metamask also never tried to put something unusual to our wallet especially if the source are unverified or something shady to us. These hacking incident happen to that user is another unfortunate sight to see which other whales need to learn of since if many of them keep putting their huge amount of money on a platform which security is questionable or if they don't have enough knowledge about many schemes then provably they might encounter this issue. Hopefully many will be more watchful to their balances and never ever download unknown things which we can see on our email nor try to sign up anything, Verifying the information we received is a must here.
It's sign for those who are keeping their whole lot of balance is one wallet only and are keeping backup on online storage with centralised server control that can be easily hacked.The further mistake he did was to give the code to hackers assuming it to be from company side which proved worse for him.But yes if you want safety then hardware wallets are best and using different addresses is preferred.

To all those who are into this NFT at the time the advice is don't link your main wallets for minting and keep the minimum balance in them to be on safer side as they always possess risk if you are not taking extra security measures.

You want people to know about the hack, that is good so that people can avoid to backup on clouds, but a topic about it is already posted on this forum, try to use the search engine first next time before you post topic on this forum.

To avoid posting on two threads, lock this thread.
Actually most of the time i check the threads beforehand but this time it was missed as i don't post on altcoin board of the forum and have not visited it from few days.But still this strike me to give newbies and others scam warning to be safe in this board as a help to them in detail on this matter.But good of you to mention that other thread also.
legendary
Activity: 1624
Merit: 1200
Gamble responsibly
April 20, 2022, 07:23:52 AM
#3
You want people to know about the hack, that is good so that people can avoid to backup on clouds, but a topic about it is already posted on this forum, try to use the search engine first next time before you post topic on this forum.

A new warning for iPhone and Apple product users

To avoid posting on two threads, lock this thread.
hero member
Activity: 2520
Merit: 783
April 20, 2022, 06:56:10 AM
#2
This always remind us that never put everything in Metamask also never tried to put something unusual to our wallet especially if the source are unverified or something shady to us. These hacking incident happen to that user is another unfortunate sight to see which other whales need to learn of since if many of them keep putting their huge amount of money on a platform which security is questionable or if they don't have enough knowledge about many schemes then provably they might encounter this issue. Hopefully many will be more watchful to their balances and never ever download unknown things which we can see on our email nor try to sign up anything, Verifying the information we received is a must here.
legendary
Activity: 1974
Merit: 2124
April 20, 2022, 06:46:39 AM
#1
There are more and more scams coming out on daily basis draining out the funds of users from their wallets and the recent one is for Metamask walllet.

According to one report the users who were having iCloud backup for app data it was also having the password encrypted metamask vault giving hackers access to your wallet and drain out the funds easily.

If your password was not strong enough it easily be brute forced and one user got scammed worth around $650k from this scam who was holding NFT's in his wallet which were all gone :



Original Tweet

The user also received a call from fake Apple company asking for code which he gave and access to the wallet so this was extra mistake on his side

Quote
Got a phone call from Apple, literally from Apple (on my caller Id) called it back because I suspected fraud and it was an Apple number,” Iacovone tweeted. “So I believed them, they asked for a code that was sent to my phone and two seconds later my entire MetaMask was wiped.”

The Metamask has also confirmed it that it was being saved for those who have gave this permission on iCloud backup and now they have asked everyone to deny it and be safe :



Quote
The DeFi wallet provider said Sunday users who have iCloud enabled for iPhone application data were susceptible to hackers because the backups include their password-encrypted MetaMask vault.

“If your password isn’t strong enough and someone phishes your iCloud credentials, this can mean stolen funds,” MetaMask tweeted.

So this is just warning to all to be safe in every aspect because one wrong step can land all your funds in your wallet to the hackers as we are seeing day by day.Use hardware wallets more and your seeds stored on some safe offline storage with proper backup for them as this online services could easily be hacked.

Metamask iCloud phishing scam
Jump to: