A crypto investor recently took to Twitter to share how his account was wiped clean of valuable NFTs that he kept safe in a digital MetaMask wallet following a scam call causing him a loss of $650,000. Angry and upset, the man took to Twitter to lash out at Apple, adding: "Don’t tell us to never store our seed phrase digitally and then do it behind our backs. If 90 percent of the people knew this I would bet none of them would have the app or iCloud on."
advertisement
Domenic Iacovone, a crypto investor shares how he lost a whopping $650,000 (£499,000) thanks to a simple iPhone hack.
The man who goes by the name @revive_tom on Twitter shares how he kept all of his valuable NFTs in a digital MetaMask wallet.
But unfortunately, due to a little-known iCloud hack, scammers were able to get scam their way into his entire collection.
Getty Images
Taking to Twitter, he wrote: “Hey y’all, let’s see how amazing this community can be. My entire wallet was just stolen. Totally wiped out...Looking for all the help I can get.”
The man then went on to explain how the scam happened.
It all began with a phone call from ‘Apple’, which he suspected to be fraud at first.
Alamy
advertisement
Domenic shares that he continued to ignore the call several times, and then he noticed a caller ID that showed up as ‘Apple Inc.’, so he decided to give them a callback.
The scammer apparently posed as a member of Apple’s tech team, the scammer explained that Domenic’s Apple account had been compromised.
Then he received a code on his phone to verify his identity.
He finished off the story by claiming: “Two seconds later my entire Meta Mask was wiped.”
In another tweet, the NFT investor claimed the hackers gained access to his 12-word ‘seed phrase’ provided by MetaMask when you set up a wallet – top secret information that must not be shared with anyone else.
Domenic failed to realize that MetaMask automatically stores the seed phrase file on iCloud.
This means that the scammers got direct access to his iCloud after the scam call and were able to swipe his seed phrase before wiping his account clean. This, unfortunately, included several NFTs from the popular Mutant Ape Yachting Club collection, as well as three NFTs from the Gutter Cat collection.
Along with $100,000 (£77,000) in 'ape coin', this all amounts to an estimated $650,000.
Getty Images
advertisement
Domenic vented his fury on Twitter, adding: "Don’t tell us to never store our seed phrase digitally and then do it behind our backs.
"If 90 percent of the people knew this I would bet none of them would have the app or iCloud on."
MetaMask has not commented directly on the incident but did tweet out advice to users amid the fury.
"If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault," the firm warned.
advertisement
"If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds.
"You can disable iCloud backups for MetaMask specifically by turning off the toggle here: Settings > Profile > iCloud > Manage Storage > Backups.
"If you want to avoid iCloud surprising you with unrequested backups in the future, you can turn off this feature at: Settings > Apple ID/iCloud > iCloud > iCloud Backup."