MyEtherWallet Hola VPN Compromised, User Accounts Exposed

So far in 2018, a series of major cryptocurrency exchange hacks have resulted in over $750 million stolen. On July 9, MyEtherWallet reported a security breach to its Hola VPN service that left user accounts exposed.

50 Million Accounts Potentially Compromised

MyEtherWallet (MEW), a globally renowned cryptocurrency management tool and web wallet, experienced a security breach to its Hola VPN browser extension that left user accounts exposed for approximately five hours on July 9.

MEW’s Hola VPN is a free browser extension with nearly 50 million users. During the security breach, hackers were able to access and monitor user accounts who toggled the VPN on and were actively using MEW.

Regular users of MEW were not affected by the hack, as the core platform itself remained uncompromised. Taking to Twitter, MEW warned Hola users of the security issue and advised them to transfer funds to a new account.

We received a report that suggest Hola chrome extension was hacked for approximately 5 hrs and the attack was logging your activity on MEW.

— MyEtherWallet.com (@myetherwallet) July 10, 2018

At the time of writing, it is unknown how many accounts were directly compromised, and there is no public mention of lost or stolen funds.

In an interview with TechCrunch, MEW stated that the attack “appeared to be a Russian-based IP address.” Adding to their statement, a MEW spokesperson said:

“The safety and security of MEW users is our priority. We’d like to remind our users that we do not hold their personal data, including passwords so they can be assured that the hackers would not get their hands on that information if they have not interacted with the Hola chrome extension in the past day.”

Two months ago, MEW experienced a DNS hijack resulting in 215 ether (~$152,000) stolen from users’ wallets.

Although MEW claims the issue derived from “vulnerabilities in public-facing DNS servers”– not its own security infrastructure, the event marks the first of two security breaches to occur in 2018 so far.

Users are reminded to use secure browser extensions that provide safeguards against potential phishing and scams.

Ad

WorkML.ai: Real World Data Annotation Hub Empowers AI with Crypto

Ad

CryptoSlate on X x.com/cryptoslate

Follow us on X for your essential dose of daily crypto news and deep dives.

Join 50k followers

Ad

Latest Ethereum Stories

Shibarium sees brief outage amid Shiba Inu’s Layer-3 blockchain ambitions

Technology 1 day ago

Shiba Inu said it raised $12 million to develop privacy-centric Layer-3 blockchain network

Top 4 accounting firm turns to Ethereum for blockchain-based business contracts

Adoption 6 days ago

OCM is designed to facilitate the secure handling of business contracts on a public blockchain, ensuring privacy by utilizing zero-knowledge proofs to maintain contract integrity and confidentiality.

Bitcoin barely holds on to $60k as bears retest March lows

Crypto 6 days ago

The flagship crypto touched a low of $59,658 before modestly recovering to around $60,800 as of press time, based on CryptoSlate data.

EigenLayer removes caps, sees record $157 million inflow as Lido dominance dips

Crypto 7 days ago

Lido's Ethereum staking dominance wanes, drops under 30% due to inflows into restaking protocols.

Latest Alpha Market Report

Available exclusively via

From 2012 to 2024: Analyzing market conditions before each Bitcoin halving

Andjela Radmilac · 4 days ago

As the fourth Bitcoin halving approaches, an in-depth look at past events offers insights into potential market impacts.

Latest Press Releases

View All

SKALE Network Solves Scalability, Q1 Adoption Soars On Gas-Less Blockchain

Chainwire 2 hours ago

Metis’ Sequencer Mining Goes Live

Chainwire 2 hours ago

South Park Inspired Meme Coin $SNUKE Launches Presale On Solana

Chainwire 8 hours ago