Odaily Planet Daily News Security community Dilation Effect tweeted: "Recently, some people reported that their wallets were inexplicably stolen (coins and NFTs were emptied). The common feature is that they use iPhones, do not click on random links, and do not save mnemonics in mobile phone albums or cloud services, but only copy them on paper. These users are puzzled. For this reason, after a lot of research and analysis, we found an attack scenario that is rarely noticed, and it has been successfully reproduced on some wallet apps. There are country or regional restrictions on downloading apps from the App Store. For example, some apps cannot be downloaded by accounts in mainland China. Many users will purchase (Taobao) or use the US Apple ID shared online. Because the iPhone's backup mechanism will back up mobile app data to the cloud, an attacker can restore your wallet app data on his phone using the same Apple ID as you. In addition, the local access password of the wallet is not set very complicated, and the attacker can easily crack it and transfer your assets away. After we tracked the stolen funds on the chain, we found that there was a mature criminal gang behind it. The stolen funds of the victim users have accumulated more than 10 million US dollars." Dilation Effect reminds that 1. For users who use iPhone and have installed the wallet app, if you have purchased or used an Apple ID provided by others, please stop using it immediately and transfer your wallet assets immediately; 2. This attack scenario has been successfully reproduced on some popular wallet apps on the market, and we call on major wallet manufacturers to pay attention to and troubleshoot this issue, actively optimize it, and issue reminders to users.