Key Points:
- The Apple Store has found a malicious phishing program that steals users’ accounts and passwords.
- Scammers reach users by mimicking regular apps.
- Cryptocurrency users who use iCloud to back up their data need to be careful.
The Chief Information Security Officer of leading security company SlowMist, tweeted that the latest attack cases on Apple ID A malicious phishing program has appeared in the Apple store, stealing users’ accounts and passwords by mimicking normal apps.
The attacker then added his own number to the two-factor authentication trust number to control account permissions. Once attackers gain access to user accounts, they can manipulate 2FA trust numbers by adding their own contact information.
This scheme grants them control over account permissions, allowing them to bypass Apple’s 2FA security protocols. The consequences of such unauthorized access can be dire, especially for crypto users who store their wallets through iCloud.
Crypto users must pay attention, as iCloud backup is the backup solution for many users and wallets. Once attacked, it can cause property damage.
Storing wallets on iCloud can put them at risk of losing their assets if an attacker compromises iCloud backups. Therefore, users need to take extra security measures to protect their funds.
Researcher SlowMist reminds crypto users to pay attention, as many users and wallets are now using iCloud backups as their backup solution. As the popularity of cryptocurrencies continues to grow, cybercriminals are adapting their tactics to exploit vulnerabilities in various platforms, including mobile apps.
To reduce the risk of falling victim to phishing attacks, users should adopt security best practices, such as using strong and unique passwords for each application or platform. Enabling 2FA on the cryptocurrency wallet itself can also add an extra layer of protection.
Avoid clicking on suspicious links or downloading apps from unverified sources to reduce your risk of exposure to phishing attempts. Cryptocurrency owners should regularly review their account activities and monitor any unusual transactions or unauthorized access attempts.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.