MetaMask Issues Warning Following $650K iCloud Phishing Scam

The DeFi wallet is advising users to disable iCloud backups to prevent future scams


Source: Shutterstock


key takeaways

  • The wallet app is asking users to disable iCloud backups for MetaMask by going into Settings > Profile > iCloud > Manage Storage > Backups
  • MetaMask’s response has drawn criticism from community members

Crypto wallet MetaMask issued a warning advising users to disable their iCloud backups following an exploit of Apple’s service in an estimated $650,000 phishing scam.

The DeFi wallet provider said Sunday users who have iCloud enabled for iPhone application data were susceptible to hackers because the backups include their password-encrypted MetaMask vault.

“If your password isn’t strong enough and someone phishes your iCloud credentials, this can mean stolen funds,” MetaMask tweeted.

The company did not immediately return a request for comment.

In one such phishing attack, hackers drained an estimated $650,000 from NFT investor Domenic Iacovone’s OpenSea account, including several Mutant Ape Yacht Club collectibles, on April 14.

Loading Tweet..

“Got a phone call from Apple, literally from Apple (on my caller Id) called it back because I suspected fraud and it was an Apple number,” Iacovone tweeted. “So I believed them, they asked for a code that was sent to my phone and two seconds later my entire MetaMask was wiped.”

MetaMask’s response has drawn criticism from community members who argue the backup feature used in iCloud should either be disabled or made tougher for hackers seeking a way into users’ digital wallets.

Loading Tweet..

MetaMask parent ConsenSys in February said it was looking to leverage NFTs (non-fungible tokens) as a means to onboard more users to its digital wallet while building out a white-label NFT platform.

While efforts are being made on that front, critics argue cases like Iacovone’s demonstrate ConsenSys’ need to improve security if it aims to bring on the “next wave” of wallet users.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.


Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2024

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Unlocked by Template.png


With the spot ETH ETF approval, the institutions are coming. stETH - given its dominance in marketshare, existing liquid market structures, and highly desirable properties - is poised for institutions.


Launching cryptocurrencies the old fashioned way may soon make a return


Kraken and CertiK brought their beef to social media after Kraken said researchers exploited $3 million through a bug


NVIDIA’s historic run is only deepening the divide between mega-cap tech stocks and the rest of the market.


EIP-7702 was quickly adopted for the next Ethereum upgrade, but developers haven’t quite locked it down