New Crypto Phishing Attack Targeting 2FA on Apple Devices Exposes Wallet Info on iCloud

Picture Source: BeInCrypto

A SlowMist security researcher recently uncovered a concerning new type of phishing attack that specifically targets cryptocurrency holders using Apple devices. This malicious phishing program, which was discovered on the Apple App Store, poses a significant threat to users’ account security and wallet information stored on iCloud. In this article, we delve into the details of the attack and the potential risks it poses to cryptocurrency users, as well as the recommended security measures to protect against such threats.

The Emerging Threat

According to a SlowMist security researcher, this novel phishing attack exploits vulnerabilities in the 2FA (two-factor authentication) system on Apple devices. By imitating legitimate applications, the malicious program gains access to users’ accounts and passwords. Subsequently, the attacker adds their own phone number to the trusted list of two-factor authentication, allowing them to take control of the targeted account.

For cryptocurrency users who frequently back up their wallets on iCloud, falling victim to this phishing attack can have dire consequences. Compromised 2FA could potentially lead to the loss of valuable assets stored in digital wallets.

Growing Concerns in the Crypto Community

In online forums, numerous users have reported falling victim to this new phishing attack, even with 2FA enabled. The growing prevalence of such incidents indicates that attackers are increasingly adopting this method to steal funds from unsuspecting users.

Furthermore, prominent cybersecurity company Kaspersky also discovered vulnerabilities in Apple’s iOS and macOS platforms. These flaws could grant attackers unauthorized access to sensitive user details and even root privileges, further amplifying the potential risks faced by cryptocurrency holders on Apple devices.

Addressing the Issue

Both SlowMist and Kaspersky have urged Apple users to update their iOS and macOS devices promptly to mitigate the risks posed by these security vulnerabilities. Regularly updating software ensures that users benefit from the latest security patches and safeguards against potential exploits.

Kaspersky’s report on the 40% year-over-year increase in crypto phishing attacks between 2022 and 2021 highlights the urgency of staying vigilant against such threats in the ever-evolving digital landscape.

MetaMask, a prominent wallet provider, also expressed concerns regarding iCloud backups. They cautioned Apple users that automatic iCloud backups of MetaMask wallet data could lead to the online storage of sensitive seed phrases, further exposing users to potential risks.

Read More: Ripple Triumphs as US Judge Rules in Favor of XRP Sales, SEC to Appeal

Taking Necessary Precautions

To safeguard against these emerging threats, users are strongly advised to take essential security precautions:

  1. Enable Strong Passwords: Set strong and unique passwords for all accounts, including Apple IDs and cryptocurrency wallets. Avoid using easily guessable information.
  2. Regularly Update Software: Keep all devices and applications up-to-date to ensure the latest security features and patches are in place.
  3. Enable Multi-Factor Authentication: Utilize additional layers of security, such as hardware tokens or biometric authentication, in addition to 2FA, for an extra layer of protection.
  4. Avoid Untrusted Apps: Only download applications from reputable sources, such as the official App Store, to minimize the risk of installing malicious software.


The emergence of this new crypto phishing attack targeting 2FA on Apple devices raises serious concerns for cryptocurrency users who store their wallets on iCloud. The potential loss of assets due to compromised 2FA highlights the need for heightened security measures. Regular software updates, strong passwords, and multi-factor authentication are essential practices to safeguard against these evolving threats. Staying informed about the latest security warnings from reputable sources can help users remain one step ahead of potential attackers and protect their valuable digital assets.

Leave a Reply

Your email address will not be published. Required fields are marked *