·

MyEtherWallet Compromised as Hackers Make Their Way with over $150K Worth of Digital Currency

MyEtherWallet Compromised as Hackers Make Their Way with over $150K Worth of Digital Currency

Popular web-wallet hosting service MyEtherWallet (MEW) announced via a tweet this morning that a couple of its DNS registration servers had been hijacked by third-party actors. The attack saw hackers get away with around $152,000 worth of Ether.

As part of the company’s damage control plan, MEW founder Kosala Hemachandra took to the internet and released a lengthy statement which read:

“It is our understanding that a couple of Domain Name System (DNS) registration servers were hijacked at 12PM UTC, April 24th 2018, to redirect http://myetherwallet.com users to a phishing site. This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system. It can happen to any organization, including large banks. This is not due to a lack of security on the @myetherwallet platform. It is due to hackers finding vulnerabilities in public-facing DNS servers.”

He then went to clarify that a majority of their customers who were affected by this incident were using Google DNS servers. Hemachandra believes that these users in all likelihood had clicked on the “ignore” button when an SSL warning popped up— causing them to become prime targets for illegal phishing activities.

However, not taking any further chances, Hemachandra has requested other MyEtherWallet users to switch to Cloudfare DNS servers while company devs work towards resolving any remaining issues.

Lastly, in another post directed towards the MEW community, company representatives issued the following request:

“Users, PLEASE ENSURE there is a green bar SSL certificate that says ‘EtherWallet Inc’ before making any transactions. We advise customers to run a local (offline) copy of the MEW (MyEtherWallet) and ignore any tweets, Reddit posts, or messages of any kind which claim to be giving away or reimbursing ETH on behalf of MEW.”

While Hemachandra and her team have been swift in taking remedial action, Google’s press office has still not released an official statement in regards to this matter.

Posted In: , Uncategorized

Like what you see? Subscribe to CryptoSlate

Get our daily newsletter containing the top blockchain stories and crypto analysis straight to your inbox.

Sign up to stay informed
Avatar

Shiraz is a cryptocurrency journalist and analyst living in Melbourne, Australia. When not exploring the emerging blockchain ecosystem, he loves to play the blues and dabble in the world of meditation.

View author profile

Disclaimer: Our writers' opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.