Ethereum, Hacks

MyEtherWallet Hola VPN Compromised, User Accounts Exposed

MyEtherWallet Hola VPN Compromised, User Accounts Exposed

So far in 2018, a series of major cryptocurrency exchange hacks have resulted in over $750 million stolen. On July 9, MyEtherWallet reported a security breach to its Hola VPN service that left user accounts exposed.

50 Million Accounts Potentially Compromised

MyEtherWallet (MEW), a globally renowned cryptocurrency management tool and web wallet, experienced a security breach to its Hola VPN browser extension that left user accounts exposed for approximately five hours on July 9.

MEW’s Hola VPN is a free browser extension with nearly 50 million users. During the security breach, hackers were able to access and monitor user accounts who toggled the VPN on and were actively using MEW.

Regular users of MEW were not affected by the hack, as the core platform itself remained uncompromised. Taking to Twitter, MEW warned Hola users of the security issue and advised them to transfer funds to a new account.

At the time of writing, it is unknown how many accounts were directly compromised, and there is no public mention of lost or stolen funds.

In an interview with TechCrunch, MEW stated that the attack “appeared to be a Russian-based IP address.” Adding to their statement, a MEW spokesperson said:

“The safety and security of MEW users is our priority. We’d like to remind our users that we do not hold their personal data, including passwords so they can be assured that the hackers would not get their hands on that information if they have not interacted with the Hola chrome extension in the past day.”

Two months ago, MEW experienced a DNS hijack resulting in 215 ether (~$152,000) stolen from users’ wallets.

Related Article: MyEtherWallet Compromised as Hackers Make Their Way with over $150K Worth of Digital Currency

Although MEW claims the issue derived from “vulnerabilities in public-facing DNS servers”– not its own security infrastructure, the event marks the first of two security breaches to occur in 2018 so far.

Users are reminded to use secure browser extensions that provide safeguards against potential phishing and scams.

Cover Photo by Samuel Zeller on Unsplash

Disclaimer: Our writers' opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.

Did you like this article? Join us.

Get blockchain news and crypto insights.

Join Us on Telegram
Jonathan Kim

Jonathan Kim is a University of Washington student of Finance and cryptocurrency investor with a deep interest in the emerging industry of blockchain applications and cryptocurrency trading. His past experiences involve publishing original daily content for blockchain startups and trading cryptocurrencies using technical analysis principles.

View author profile