iCloud Crypto Holders Beware; Apple User Falls Victim to Phishing Heist

  • SlowMist flags malicious phishing program on Apple devices, leading to 1.6M yuan theft.
  • Phishing scheme bypasses Apple’s 2FA, granting full access to user accounts.
  • Malicious app imitates legitimate ones on App Store to steal Apple ID credentials.

Blockchain security firm SlowMist has flagged a dangerous phishing program lurking within an app in Apple devices that resulted in the theft of 1.6 million Chinese yuan. The malicious scheme, capable of bypassing Apple’s two-factor authentication (2FA), allowed the hacker to gain full access to user account and carried out unauthorized transactions.

The alarming discovery came to light when a distressed user took to V2EX, a popular Chinese online forum known for its tech-savvy community, to seek help and warn others about the phishing attack. The user, whose family’s Apple ID was fortified with 2FA, was still victimized, raising serious concerns about the security of Apple’s authentication measures.

The phishing program operates by imitating legitimate applications on the App Store. Once downloaded, the app prompts users to log in using their Apple ID authorization, where an unsuspicious password input box appears. Unknown to the users, at this point, the attackers stealthily acquire their Apple ID credentials.

The devious tactic continues as the scammer adds their own phone number to the list of trusted numbers for the victim’s 2FA, granting them unfettered access to the account. Instead of immediately exploiting the Apple ID, the hacker cunningly created a family sharing setup and used another account to purchase virtual goods within the app, thereby evading suspicion.

SlowMist specifically stated, “This is a very clever phishing method to bypass Apple’s 2FA!” The firm’s experts further warned Apple users, particularly those involved in cryptocurrencies, who rely on iCloud backup as their asset storage solution. In the event of an attack, such users could suffer devastating financial losses due to the compromised iCloud backup.

In recent years, there have been numerous reported cases of smartphone hacking and discussions about illegal data-collecting practices on smartphone apps in the country. Studies have found that high-end Android devices sold in China come with pre-installed spyware, putting users’ privacy at risk.

Another known case came to light when a Chinese e-commerce giant, Pinduoduo, was accused of using invasive malware, potentially monitoring users’ activities. Researchers from NordVPN have also revealed a new hacking method called GhostTouch, which allows cybercriminals to unlock certain smartphones from a distance without installing malware.

Comments

Post a Comment

Popular posts from this blog

Genesis-Parent DCG Agrees to Settle Creditors' Claims

Image
Earlier this year in January 2023, Genesis filed for Chapter 11 bankruptcy after facing a major liquidity crisis following the collapse of crypto exchange FTX. The recent filing from Genesis parent DCG notes that the bankrupt crypto lender holds liabilities of $630 million in unsecured loans due in May 2023. Additionally, it also has a $1.1 billion unsecured promissory note due in 2032. advertisement As per the in-principle deal, the Digital Currency Group ( DCG ) is looking to undertake new debt facilities along with a repayment agreement. This will include a $328.8 million first-lien facility along with 2-year maturity. Additionally, it will also include a $830 million second-lien facility with a 7-year maturity. The filing notes that DCG is planning to pay a total of $275 million to its creditors in four installment payments. If executed, the proposed plan could lead to anticipated returns of approximately 70% to 90% for unsecured creditors in terms of U.S.
Read more

Silicon Valley Bank Reportedly Deactivates Twitter Account

Image
Following its closure last week, Silicon Valley Bank has reportedly deactivated its Twitter Account. Conversely, Twitter user @DrEliDavid reported the bank’s last post regarding their pride in making Forbes annual America’s Best banks for the fifth consecutive year. Alternatively, the financial institution has been auctioned off by the FDIC today. Subsequently, a purchase of the now-collapsed financial institution could arrive by Sunday night. Thus far, The Bank of London has been the only entity publicly reported to submit an official proposal. JUST IN: Silicon Valley Bank $SIVB reportedly deactivated its Twitter account. pic.twitter.com/vTkk1QK3zk — Watcher.Guru (@WatcherGuru) March 12, 2023 SVB Deactivates its Twitter Account The entire financial sector has been struck with panic, as SVB Financial was closed by California regulators last week. Moreover, the collapse signifies the largest bank failure since the 2008 financial crisis. Conversely, as the proc
Read more

Gemini Foundation, A Non-US Derivative Platform Goes Live

Image
Join Our Telegram channel to stay up to date on breaking news coverage A US-based crypto company, Gemini, has officially launched international derivative trading to serve around 29 countries and territories outside the United States. Gemini Foundation, the much-anticipated non-US derivative platform, has gone live and allows its customers to trade spot and derivative products. However, the new service targets retail and institutional traders, excluding US, UK and EU customers. 1/ We’re thrilled to announce that Gemini Foundation’s derivatives platform is now live with our BTC/GUSD perpetual contract trading across 30 countries. https://t.co/NyQLKhsZYt — Gemini (@Gemini) May 2, 2023 Nonetheless, some of the jurisdictions eligible for the services include Singapore, Hong Kong, India, Argentina, Bahamas, Bermuda, British Virgin Islands (BVI), Bhutan, Brazil, Cayman Islands, Chile, Egypt, El Salvador, Guernsey, Israel, Jersey, New Zealand, Nigeria, Panama, Peru, Philippines, S
Read more