Recently, there was a theft of cryptocurrency and NFT worth up to 650,000 USD, which was caused by the carelessness of users and the automatic backup feature of iCloud. E-wallet provider MetaMask had to warn and ask users to turn off the automatic iCloud backup feature to avoid possible unfortunate incidents.
Twitter user @revive_dom is the victim of this unfortunate incident. The incident started two days ago, when he kept receiving messages and calls from “Apple inc.”, asking this guy to reset the password for his Apple ID account.
This Apple hacker then asked revive_dom to send a verification code to his Apple ID account. But in fact, this verification code was used by the hacker to recover the password of the Apple ID account.
There will be no serious problem when revive_dom loses his Apple ID account to a hacker, if his Metamask wallet information and password is not automatically saved to iCloud after.
Of course, after having obtained these important information, the hacker stole all the cryptocurrency and NFT worth of 650,000 USD in the Metamask wallet of revive_dom. Unexpectedly, iCloud’s automatic application data backup feature backs up such important information, but revive_dom can only blame itself for providing the verification code to the hacker.
“If you enable iCloud backup for app data, this will include an encrypted password for your MetaMask datastore. If your Apple ID password is not strong enough, or someone scams your iCloud login information, the assets in the e-wallet will be at risk,” MetaMask warned its users on Twitter, and demanded that requires the user to turn off iCloud auto-backup for the MetaMask app.
Therefore, to protect themselves, crypto investors and NFTs should never give any kind of verification code to anyone, even reputable companies. like Apple.