{"id":60256,"date":"2022-04-18T11:56:54","date_gmt":"2022-04-18T08:56:54","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=60256"},"modified":"2025-09-05T02:20:54","modified_gmt":"2025-09-04T23:20:54","slug":"metamask-warns-apple-users-of-risk-to-funds-from-icloud-backups","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/metamask-warns-apple-users-of-risk-to-funds-from-icloud-backups\/","title":{"rendered":"MetaMask warns Apple users of risk to funds from iCloud backups"},"content":{"rendered":"<p>The MetaMask team warned non-custodial wallet users about the risks of storing data in Apple iCloud due to possible phishing attacks.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">\ud83d\udd12 If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn\u2019t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds. (Read on \ud83d\udc47) 1\/3<\/p>\n<p>\u2014 MetaMask \ud83e\udd8a\ud83d\udc99 (@MetaMask) <a href=\\\"https:\/\/twitter.com\/MetaMask\/status\/1515727239391809536?ref_src=twsrc%5Etfw\\\">April 17, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<blockquote class=\\\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p>\u00abIf you have enabled app data backup to iCloud, it includes the password-protected MetaMask vault. If it isn\u2019t secure enough, and someone phishes your iCloud credentials, this can lead to asset theft,\u00bb the statement said.<\/p>\n<\/blockquote>\n<p>The wallet developers advised disabling iCloud backup for MetaMask in device settings.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">If you want to avoid iCloud surprising you with unrequested backups in the future, you can turn off this feature at:<br \/>Settings > Apple ID\/iCloud > iCloud > iCloud Backup<br \/>3\/3<\/p>\n<p>\u2014 MetaMask \ud83e\udd8a\ud83d\udc99 (@MetaMask) <a href=\\\"https:\/\/twitter.com\/MetaMask\/status\/1515727241245732867?ref_src=twsrc%5Etfw\\\">April 17, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>The MetaMask statement followed an incident involving one of the NFT collectors. On April 15, he said on Twitter that he had lost an NFT worth $650,000.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">This is how it happened, Got a phone call from apple, literally from apple (on my caller Id) Called it back because I suspected fraud and it was an apple number. So I believed them<br \/>They asked for a code that was sent to my phone and 2 seconds later my entire MetaMask was wiped<\/p>\n<p>\u2014 Domenic Iacovone (@revive_dom) <a href=\\\"https:\/\/twitter.com\/revive_dom\/status\/1514752274471473152?ref_src=twsrc%5Etfw\\\">April 14, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<blockquote class=\\\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p>\u00ab\u0412\u043e\u0442 \u043a\u0430\u043a \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e: \u043c\u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043d\u0438\u043b\u0438 \u0438\u0437 Apple, \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0438\u0437 Apple (\u043f\u043e \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443 ID). [\u042f] \u043f\u0435\u0440\u0435\u0437\u0432\u043e\u043d\u0438\u043b, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0437\u0430\u043f\u043e\u0434\u043e\u0437\u0440\u0438\u043b \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u0442\u0432\u043e, \u0438 \u044d\u0442\u043e \u0431\u044b\u043b \u043d\u043e\u043c\u0435\u0440 Apple. \u0422\u0430\u043a \u0447\u0442\u043e \u044f \u0438\u043c \u043f\u043e\u0432\u0435\u0440\u0438\u043b. \u041e\u043d\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0438\u043b\u0438 \u043a\u043e\u0434, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043c\u043e\u0439 \u0442\u0435\u043b\u0435\u0444\u043e\u043d, \u0438 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0435 \u0441\u0435\u043a\u0443\u043d\u0434\u044b \u0432\u0435\u0441\u044c \u043c\u043e\u0439 MetaMask \u0431\u044b\u043b \u043e\u043f\u0443\u0441\u0442\u043e\u0448\u0435\u043d\u00bb, \u2014 \u043d\u0430\u043f\u0438\u0441\u0430\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c.<\/p>\n<\/blockquote>\n<p>\u041f\u043e\u0437\u0434\u043d\u0435\u0435 \u043e\u0441\u043d\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0440\u043e\u0435\u043a\u0442\u0430 DAPE NFT \u043f\u043e\u0434 \u043d\u0438\u043a\u043e\u043c Serpent \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u043b, \u0447\u0442\u043e \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043a\u0440\u0430\u0436\u0443 \u0438\u0437-\u0437\u0430 \u0445\u0440\u0430\u043d\u044f\u0449\u0435\u0439\u0441\u044f \u0432 iCloud seed-\u0444\u0440\u0430\u0437\u044b MetaMask.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">3\/ MetaMask actually saves your seed phrase file on your iCloud. The scammers requested a password reset for the victim\u2019s Apple ID. After receiving the 2FA code, they were able to take control over the Apple ID, and access iCloud which gave them access to the victim\u2019s MetaMask.<\/p>\n<p>\u2014 Serpent (@Serpent) <a href=\\\"https:\/\/twitter.com\/Serpent\/status\/1515545812423839745?ref_src=twsrc%5Etfw\\\">April 17, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<blockquote class=\\\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p>\u00abCrooks asked for the victim\u2019s Apple ID password reset. With the 2FA code, they gained control of the Apple ID and access to iCloud, which opened the way to the victim\u2019s MetaMask,\u00bb the author of the thread explained.<\/p>\n<\/blockquote>\n<p>He advised using a cold wallet for storage, not sharing verification codes, and reminded that information about the incoming number can be easily forged.<\/p>\n<blockquote class=\\\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p>\u00abCompanies like Apple will never call you,\u00bb emphasized Serpent.<\/p>\n<\/blockquote>\n<p>In March, the number of monthly active users of the non-custodial crypto wallet<a href=\"https:\/\/u1f987.com\/en\/news\/ethereum-wallet-metamask-surpasses-30-million-users\"> exceeded 30 million<\/a>.<\/p>\n<p>In the same month, the developers added to the new version of MetaMask<a href=\"https:\/\/u1f987.com\/en\/news\/metamask-adds-apple-pay-support\"> support for Apple Pay and gasless transactions<\/a>.<\/p>\n<p>Subscribe to ForkLog news on Telegram: <a href=\\\"https:\/\/t.me\/forklogfeed\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener\\\">ForkLog Feed<\/a> \u2014 the full feed of news, <a href=\\\"https:\/\/telegram.me\/forklog\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener\\\">ForkLog<\/a> \u2014 the most important news, infographics and opinions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The MetaMask team warned non-custodial wallet users about the risks of storing data in Apple iCloud due to possible phishing attacks.<\/p>\n","protected":false},"author":1,"featured_media":60257,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1112,1154,1287],"class_list":["post-60256","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-apple","tag-crimes","tag-metamask"],"aioseo_notices":[],"amp_enabled":true,"views":"20","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/60256","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=60256"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/60256\/revisions"}],"predecessor-version":[{"id":60258,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/60256\/revisions\/60258"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/60257"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=60256"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=60256"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=60256"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}