MetaMask Issues Warning Following $650K iCloud Phishing Scam

The DeFi wallet is advising users to disable iCloud backups to prevent future scams

article-image

Source: Shutterstock

share
  • The wallet app is asking users to disable iCloud backups for MetaMask by going into Settings > Profile > iCloud > Manage Storage > Backups
  • MetaMask’s response has drawn criticism from community members

Crypto wallet MetaMask issued a warning advising users to disable their iCloud backups following an exploit of Apple’s service in an estimated $650,000 phishing scam.

The DeFi wallet provider said Sunday users who have iCloud enabled for iPhone application data were susceptible to hackers because the backups include their password-encrypted MetaMask vault.

“If your password isn’t strong enough and someone phishes your iCloud credentials, this can mean stolen funds,” MetaMask tweeted.

The company did not immediately return a request for comment.

In one such phishing attack, hackers drained an estimated $650,000 from NFT investor Domenic Iacovone’s OpenSea account, including several Mutant Ape Yacht Club collectibles, on April 14.

Loading Tweet..

“Got a phone call from Apple, literally from Apple (on my caller Id) called it back because I suspected fraud and it was an Apple number,” Iacovone tweeted. “So I believed them, they asked for a code that was sent to my phone and two seconds later my entire MetaMask was wiped.”

MetaMask’s response has drawn criticism from community members who argue the backup feature used in iCloud should either be disabled or made tougher for hackers seeking a way into users’ digital wallets.

Loading Tweet..

MetaMask parent ConsenSys in February said it was looking to leverage NFTs (non-fungible tokens) as a means to onboard more users to its digital wallet while building out a white-label NFT platform.

While efforts are being made on that front, critics argue cases like Iacovone’s demonstrate ConsenSys’ need to improve security if it aims to bring on the “next wave” of wallet users.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 24 - 26, 2026

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Unlocked by Template.png

Research

The march toward an interoperable and onchain-by-default internet depends on reliable messaging and value transfer across heterogeneous domains. Crosschain protocols now process >$1.3T in combined annual transfer volume and secure tens of millions of user interactions, yet no single design dominates.

article-image

The goal, per Santiago Santos, is to make crypto a relatable piece of tech for people who may not even understand it

article-image

Stripe stablecoin unit aims to operate under a federal charter enabling regulated stablecoin issuance and custody services

by Blockworks /
article-image

Will TradFi make crypto better or create more problems than it solves?

article-image

Subtle decisions by risk curators saved Aave from significant turmoil

article-image

The new Rootstock Institutional unit aims to connect professional investors to Bitcoin-native yield and liquidity strategies anchored in BTC’s security layer

by Blockworks /
article-image

DOJ files record civil forfeiture against more than 127,000 BTC linked to scam activity

by Blockworks /