BSV
$46.81
Vol 19.27m
-0.06%
BTC
$68888
Vol 34286.64m
0.4%
BCH
$338.7
Vol 283.06m
1.51%
LTC
$67.03
Vol 322.95m
1.07%
DOGE
$0.16
Vol 3654.06m
11.53%
Getting your Trinity Audio player ready...

The popular digital currency wallet, MetaMask, warned users of a security flaw in Apple’s cloud storage. The warnings came in when stolen fund reports surfaced on Twitter in the past few days.

Turns out, what the tech giant Apple thought could help MetaMask users help save passwords or time might be a security flaw that could endanger one’s digital assets. The ConsenSys-backed digital currency wallet took to Twitter to explain that “iCloud backup for app data” will also store the credentials of “your password-encrypted MetaMask vault.”

“If your [iCloud] password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds,” MetaMask tweeted on Sunday.

Simple flaw leads to a huge loss

Moreover, the digital currency wallet provider guided users to turn off the automatic data backup in the same Twitter thread when a user called “revive_dom” reported a loss of 6 non-fungible tokens (NFTs), including three Mutant Ape Yacht Club (MAYC) collectibles, and more than $250,000 worth of ApeCoin (APE).

According to DAPE and Sentinel founder Serpent, the stolen digital collectibles are worth 132.86 Ethereum ($402,980), with the total amount of the stolen digital assets reaching roughly over $650,000.

https://twitter.com/Serpent/status/1515545817503125505

The scam was, according to Serpent, a phishing attack. Firstly, fraudsters made several password reset requests “to make the victim suspicious.” With some help from “caller ID spoofers,” the scammers called their prey, stating to be Apple customer service while asking for the two-factor authentication (2FA) code.

After getting the 2FA verification code, the phishers were able to get control of the victim’s iCloud account, which had the user’s MetaMask wallet password.

Hacks and scams in the industry

With the rise of digital currencies in the past year, scams and thefts have risen nonetheless. Some hackers stole hundreds of millions of dollars worth of virtual currencies, leading to more than $14 billion stolen in 2021 alone.

According to a CNBC report, digital theft rose by 516% last year from 2020. On the other hand, this year hasn’t been going so well either since hackers have already stolen more than a billion dollars.

As per a Yahoo Finance report, scammers looted $1.22 billion from digital currency investors in the first quarter of 2022. The majority of the funds were from Wormhole, $325 million, and Ronin bridge, $615 million hacks.

Watch: CoinGeek New York presentation, FYI: Better Information Tools for a More Lawful Blockchain Industry

Recommended for you

Zanzibar launches blockchain sandbox for startups
Zanzibar seeks to support blockchain startups and recently launched a sandbox; meanwhile, Vietnam has launched a national blockchain strategy.
November 5, 2024
FINRA: Metaverse to hit $3T by 2031, but poses regulatory risks
FINRA says it has observed more players in the securities industry diving into the metaverse but warns that they must...
November 4, 2024
Advertisement
Advertisement
Advertisement