MyEtherWallet Compromised as Hackers Make Their Way with over $150K Worth of Digital Currency
Popular web-wallet hosting service MyEtherWallet (MEW) announced via a tweet this morning that a couple of its DNS registration servers had been hijacked by third-party actors.
Popular web-wallet hosting service MyEtherWallet (MEW) announced via a tweet this morning that a couple of its DNS registration servers had been hijacked by third-party actors. The attack saw hackers get away with around $152,000 worth of Ether.
Couple of DNS servers were hijacked to resolve https://t.co/xwxRJ4H4i8 users to be redirected to a phishing site. This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap.
— MyEtherWallet.com (@myetherwallet) April 24, 2018
As part of the company’s damage control plan, MEW founder Kosala Hemachandra took to the internet and released a lengthy statement which read:
“It is our understanding that a couple of Domain Name System (DNS) registration servers were hijacked at 12PM UTC, April 24th 2018, to redirect http://myetherwallet.com users to a phishing site. This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system. It can happen to any organization, including large banks. This is not due to a lack of security on the @myetherwallet platform. It is due to hackers finding vulnerabilities in public-facing DNS servers.”
He then went to clarify that a majority of their customers who were affected by this incident were using Google DNS servers. Hemachandra believes that these users in all likelihood had clicked on the “ignore” button when an SSL warning popped up— causing them to become prime targets for illegal phishing activities.
However, not taking any further chances, Hemachandra has requested other MyEtherWallet users to switch to Cloudfare DNS servers while company devs work towards resolving any remaining issues.
Lastly, in another post directed towards the MEW community, company representatives issued the following request:
“Users, PLEASE ENSURE there is a green bar SSL certificate that says ‘EtherWallet Inc’ before making any transactions. We advise customers to run a local (offline) copy of the MEW (MyEtherWallet) and ignore any tweets, Reddit posts, or messages of any kind which claim to be giving away or reimbursing ETH on behalf of MEW.”
While Hemachandra and her team have been swift in taking remedial action, Google’s press office has still not released an official statement in regards to this matter.