MetaMask Issues Warning Following $650K iCloud Phishing Scam

The DeFi wallet is advising users to disable iCloud backups to prevent future scams


Source: Shutterstock


key takeaways

  • The wallet app is asking users to disable iCloud backups for MetaMask by going into Settings > Profile > iCloud > Manage Storage > Backups
  • MetaMask’s response has drawn criticism from community members

Crypto wallet MetaMask issued a warning advising users to disable their iCloud backups following an exploit of Apple’s service in an estimated $650,000 phishing scam.

The DeFi wallet provider said Sunday users who have iCloud enabled for iPhone application data were susceptible to hackers because the backups include their password-encrypted MetaMask vault.

“If your password isn’t strong enough and someone phishes your iCloud credentials, this can mean stolen funds,” MetaMask tweeted.

The company did not immediately return a request for comment.

In one such phishing attack, hackers drained an estimated $650,000 from NFT investor Domenic Iacovone’s OpenSea account, including several Mutant Ape Yacht Club collectibles, on April 14.

Loading Tweet..

“Got a phone call from Apple, literally from Apple (on my caller Id) called it back because I suspected fraud and it was an Apple number,” Iacovone tweeted. “So I believed them, they asked for a code that was sent to my phone and two seconds later my entire MetaMask was wiped.”

MetaMask’s response has drawn criticism from community members who argue the backup feature used in iCloud should either be disabled or made tougher for hackers seeking a way into users’ digital wallets.

Loading Tweet..

MetaMask parent ConsenSys in February said it was looking to leverage NFTs (non-fungible tokens) as a means to onboard more users to its digital wallet while building out a white-label NFT platform.

While efforts are being made on that front, critics argue cases like Iacovone’s demonstrate ConsenSys’ need to improve security if it aims to bring on the “next wave” of wallet users.

Don’t miss the next big story – join our free daily newsletter.


Upcoming Events

Hilton Metropole | 225 Edgware Rd, London

MON - WED, MARCH 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience:  Attend expert-led panel discussions and fireside chats  Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts   Grow your network […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research



Akash is a general-purpose compute platform with GPUs, storage, LLM training or inference, and validator hosting through its two-sided marketplace.


The SEC could allow half a dozen or more such funds to launch at once, Ark Invest CEO says


2023 saw a decline in a16z crypto funding, but the behemoth VC firm teased what it’s excited for next year


“Iran Unchained” launched a new version of its grant platform to make donations to activists easier


The stablecoin marks the first time a regulated European bank has made a euro-pegged stablecoin available on a crypto exchange


Build it and they will come, perhaps, but making crypto easier to use is turning out to be just as important


Amid moves by Itau Unibanco and Nubank, the country could serve as “a proof of concept” for TradFi-crypto integrations, industry research exec says