MetaMask is one of the most popular crypto-wallets of the moment, but this popularity has a downside. The more attention, the more interesting it becomes for hackers. Therefore, MetaMask now warns users to disable iCloud backups.
Why?
Last Thursday, on April 14th, a scam was carried out in which an estimated 650,000 dollars worth of NFTs was stolen. MetaMask user Dominic Iacavone had linked his MetaMask wallet to his account at OpenSea, the largest marketplace for NFTs. He had stored the access to the wallet via iCloud. Hackers pretended to be Apple employees in order to get an access code to his iCloud. This is how the hackers managed to steal several NFTs.
How can you prevent this?
Our tip is not to share your 2FA with anyone. If you are dealing with such large amounts of money, it might be worthwhile to spend a few tens of euros on a hardware wallet such as a Ledger or Trezor. These have a MetaMask integration and their private keys are generated and stored offline (so don’t take a picture of them and definitely don’t store them in your iCloud).