BSV
$50.65
Vol 58.34m
2.75%
BTC
$67043
Vol 51837.44m
1.93%
BCH
$355.43
Vol 648.65m
-3.77%
LTC
$70.83
Vol 962.04m
5.57%
DOGE
$0.11
Vol 1623.99m
3.14%
Getting your Trinity Audio player ready...

The popular digital currency wallet, MetaMask, warned users of a security flaw in Apple’s cloud storage. The warnings came in when stolen fund reports surfaced on Twitter in the past few days.

Turns out, what the tech giant Apple thought could help MetaMask users help save passwords or time might be a security flaw that could endanger one’s digital assets. The ConsenSys-backed digital currency wallet took to Twitter to explain that “iCloud backup for app data” will also store the credentials of “your password-encrypted MetaMask vault.”

“If your [iCloud] password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds,” MetaMask tweeted on Sunday.

Simple flaw leads to a huge loss

Moreover, the digital currency wallet provider guided users to turn off the automatic data backup in the same Twitter thread when a user called “revive_dom” reported a loss of 6 non-fungible tokens (NFTs), including three Mutant Ape Yacht Club (MAYC) collectibles, and more than $250,000 worth of ApeCoin (APE).

According to DAPE and Sentinel founder Serpent, the stolen digital collectibles are worth 132.86 Ethereum ($402,980), with the total amount of the stolen digital assets reaching roughly over $650,000.

https://twitter.com/Serpent/status/1515545817503125505

The scam was, according to Serpent, a phishing attack. Firstly, fraudsters made several password reset requests “to make the victim suspicious.” With some help from “caller ID spoofers,” the scammers called their prey, stating to be Apple customer service while asking for the two-factor authentication (2FA) code.

After getting the 2FA verification code, the phishers were able to get control of the victim’s iCloud account, which had the user’s MetaMask wallet password.

Hacks and scams in the industry

With the rise of digital currencies in the past year, scams and thefts have risen nonetheless. Some hackers stole hundreds of millions of dollars worth of virtual currencies, leading to more than $14 billion stolen in 2021 alone.

According to a CNBC report, digital theft rose by 516% last year from 2020. On the other hand, this year hasn’t been going so well either since hackers have already stolen more than a billion dollars.

As per a Yahoo Finance report, scammers looted $1.22 billion from digital currency investors in the first quarter of 2022. The majority of the funds were from Wormhole, $325 million, and Ronin bridge, $615 million hacks.

Watch: CoinGeek New York presentation, FYI: Better Information Tools for a More Lawful Blockchain Industry

Recommended for you

Mt Gox extended to 2025, 11 years after theft and bankruptcy
In the latest news updates, Mt Gox account holders—who have endured multiple delays and deadline extensions over the years—now have...
October 16, 2024
Hong Kong to issue more VASP permits as South Korea tightens rules
With a new license issued to HKVAX, Hong Kong’s licensed VASPs now rose to three, and the Securities and Futures...
October 16, 2024
Advertisement
Advertisement
Advertisement