ATTENTION EVERYONE! MEW isn't safe to use right now.

NiinaKub

newbie

Activity: 52

Merit: 0

Quote from: btccrusher on April 24, 2018, 12:40:37 PM

myetherwallet.com isn't safe to use right now. It seems that the DNS of MEW was hijacked, which resulted in loss of all the funds from MEW accounts. Check subreddit for details. It is advised to use the offline version of MEW until official notification of MEW's safety.

Need help to use offline MEW? Check this out:
https://myetherwallet.github.io/knowledge-base/offline/running-myetherwallet-locally.html

Note: I'll update this thread once I found any official announcement.

Edit 1;
someone lost 85 ETH https://etherscan.io/tx/0x6b2d0464eef4c90677a555701b26820e606f5a52f3926725291bca6cc6936167

Here is the moved funds: https://etherscan.io/address/0xb3aaaae47070264f3595c5032ee94b620a583a39

Update 1:
MyEtherWallet says everything is normal now. [however, I'm advising to stop transaction for few more hours and learn from more users]
here is the official tweet https://twitter.com/myetherwallet/status/988836522974572544

Stay safe.

big thanks for the info dude, it really helps people not to lose their crypto. i idi lost anything but my friend was hacked for 5 eth recently

WaffleMaster

hero member

Activity: 966

Merit: 546

Quote from: popotao98 on May 01, 2018, 10:38:12 AM

there is no news on the official site which indicates that company will try to recover the things as soon as possible and does n't create a situation of panic where everyone starts selling their funds, in way to save from stolen.

Does my ether wallet even make money from people using their service? I'm not aware of any fees they take or anything, so really it would be quite impossible for them to recover the money. To think an entire DNS like google could be spoofed or hacked and steal a bunch of people's money is just crazy. Wonder how that was even pulled off.

popotao98

newbie

Activity: 25

Merit: 0

there is no news on the official site which indicates that company will try to recover the things as soon as possible and does n't create a situation of panic where everyone starts selling their funds, in way to save from stolen.

alexzorgo

full member

Activity: 630

Merit: 103

The message recommends changing the DNS server:
https://www.reddit.com/r/MyEtherWallet/comments/8eloo9/official_statement_regarding_dns_spoofing_of/

Quote

A majority of the affected users were using Google DNS servers. We recommend all our users to switch to Cloudflare DNS servers in the meantime.

If in settings of network connection of your computer DNS servers Google are installed (for example: 8.8.8.8.), it is recommended to replace with the Cloudflare DNS servers: 1.1.1.1 or 1.0.0.1.
These servers are safer, faster also support the DNS new technologies

imteaz

full member

Activity: 532

Merit: 107

This is really scary, and i think we should all be careful. I think in this forum 99% people use MEW wallet. It really sad to see its happening with MEW, i hope they fix the problem and tighten their security problem.

Alexandr Kirichenko

full member

Activity: 434

Merit: 100

Distributed Intelligent IoT Technology

Quote from: Lacettivod on April 24, 2018, 01:17:47 PM

Thank you for warning! I will not today to make transfers from the wallet.
Read, that have them hacked DNS server.It puts us in danger.

It is better to wait for official news from the developers before continuing to use MEW

This is the second such attack by a hacker. This is of course not very happy. And don't even know what to do with it. As far as I know, even a hardware wallet will not help in this case

Ninellechka

member

Activity: 332

Merit: 10

I've always considered mew to be one of the safest online wallets. What a disappointment( Hope, they'll solve this problem and get back to normal work. All these online wallets are not 100% safe and can be hacked any time, unfortunately((

Guli

full member

Activity: 420

Merit: 107

Today I was able to go to MEW and even translated the broadcasts. So, you can breathe freely and continue to work. I hope that there will be no more such incidents)

lasry

member

Activity: 205

Merit: 10

Concerning with mew, they said hackers only stole some eths and not other coins, so for those with large amounts of eth better have a hardware wallet, better be safe. And I think mew is good now. I wonder if they really fixed it already

kharismac999

sr. member

Activity: 656

Merit: 261

Thankyou for information. Im using Imtoken for now. I think imtoken more safe right now. Just download on playstore.
CMIIW

sorrros

full member

Activity: 954

Merit: 104

ludenaprotocol.io

Is there any official news about that? Hope my funds are safe.

BitcoinHodler

hero member

Activity: 1456

Merit: 579

HODLing is an art, not just a word...

it is best not to use MEW at all, it is a web wallet and hacks like these will always happen or at least be a big risk. not to mention that when you are using these websites you are always online and being online means being at another risk of getting hacked and losing your money.

it is always best to use desktop wallets instead of web ones.

Coingram

newbie

Activity: 295

Merit: 0

Wow, 85 ETH gone, really shocked me, If I have loosed such amount, next time I would be careful x10 times more. Thats sad to see such news, no one is in safe from being hijacked

Luntop

newbie

Activity: 168

Merit: 0

I saw the news yesterday on the telegram ...Every day hackers become more and more sophisticated

EmmanCryp

member

Activity: 471

Merit: 10

QUUBE — First&Only Quantum Resistant Ecosystem

Wow I was so afraid when I heard this news and I rushed to check my wallet balance on etherscan and thank God everything was and is intact. I heard it was a dns hack. MEW website itself does not store our tokens but gives us access to the Ethereum network. I think it's safer to use metamask or the offline version of MEW as suggested by OP

fmboyzz

jr. member

Activity: 227

Merit: 1

Honestly though, what is even the point of crypto if you have to resort to storing it on a hardware wallet just to avoid being robbed blind? That is the same level of security and convenience as paper money, except paper money doesn't come with transaction fees and isn't at risk of going kaput when it gets near a magnet.

jamesndungu1

member

Activity: 434

Merit: 25

Quote from: hodl2018 on April 24, 2018, 12:49:26 PM

Shameful. How this useful site can get hacked?

Google Public DNS (8.8.8.8/ 8.4.4.8 ) Servers are resolving the domain to a bad server that can steal your keys.

trademark

legendary

Activity: 1932

Merit: 1003

Hey, I heard about the myetherwallet issue today and looked into that ethereum address. It looks like it's connected with the Symmetry fund scam. https://bitcointalksearch.org/topic/m.29148148 Hopefully this information is useful to catch these bastards.

BQ

member

Activity: 616

Merit: 53

CoinMetro - the future of exchanges

according to a post on Reddit, it does say that the HTTPS certificate is invalid.
listen to that warning from your browser!

btcdevil

legendary

Activity: 1302

Merit: 1027

Quote from: senne on April 24, 2018, 04:15:48 PM

Quote from: dhemasm on April 24, 2018, 04:07:53 PM

This topic is very hot on reddit but I think this time myetherwallet is normal again but seriously this makes me paranoid to use mew website. For now i think the safest way today is using a wallet hardware like trezor, btw its metamask its still safe to use?

Exactly, as I also heard this topic on Reddit and really makes us wonder upon the current situation on MEW. Technology once again tend to be outdated and hackers attack for stole the funds. But there is no news on the official site which indicates that company will try to recover the things as soon as possible and does n't create a situation of panic where everyone starts selling their funds, in way to save from stolen.

But I thing that it is not good of not informing the users about the threat and they should have shutdown the server so hacker can not withdrew the coins

senne

hero member

Activity: 1078

Merit: 507

Quote from: dhemasm on April 24, 2018, 04:07:53 PM

This topic is very hot on reddit but I think this time myetherwallet is normal again but seriously this makes me paranoid to use mew website. For now i think the safest way today is using a wallet hardware like trezor, btw its metamask its still safe to use?

Exactly, as I also heard this topic on Reddit and really makes us wonder upon the current situation on MEW. Technology once again tend to be outdated and hackers attack for stole the funds. But there is no news on the official site which indicates that company will try to recover the things as soon as possible and does n't create a situation of panic where everyone starts selling their funds, in way to save from stolen.

farout

newbie

Activity: 13

Merit: 0

Hot topic, everyone speaking on Reddit

dhemasm

full member

Activity: 1829

Merit: 134

Moderator

This topic is very hot on reddit but I think this time myetherwallet is normal again but seriously this makes me paranoid to use mew website. For now i think the safest way today is using a wallet hardware like trezor, btw its metamask its still safe to use?

Guli

full member

Activity: 420

Merit: 107

#MEW there were news that the CSN was broken and you are redirected to a phishing site. We recommend that you do not use the MEV for a while, until the details are clarified. A source:https://www.reddit.com/r/MyEtherWallet/comments/8ek0jj/think_i_got_scammedphishedhacked/

tatnM

member

Activity: 434

Merit: 10

Hijack of Amazon’s internet domain service used to reroute web traffic for two hours unnoticed. Far the only known website to have traffic redirected was to MyEtherWallet.com, a cryptocurrency website. This traffic was redirected to a server hosted in Russia, which served the website using a fake certificate — they also stole the cryptocoins of customers.

annmhie0904

newbie

Activity: 196

Merit: 0

Thank you for this post. Now that I'm updated to it. I won't do any transaction till the issue will be fix.

This will be horrible to those who got hacked. I know, that it was hard that all your effort will be nothing.

Stay safe guys.

vicvicto17

member

Activity: 362

Merit: 10

I know it will get back soon. They are live and active on twitter they will get back soon. Those hackers will have no place on earth. Grr.. I remember the last time i was hacked by phishing site. That's why i'm very careful on my wallets.

emberbekas

legendary

Activity: 1904

Merit: 1000

I read the news regarding this issue on their twitter account. And now everything seems to be normal again and they give us a pro-tips on how to avoid to be scammed and phised. Wish it'll help us to stay safe.

supine

full member

Activity: 1036

Merit: 109

I have read this on twitter and the page of Myetherwallet even notified it's user about this. They said that as long as there's a certificate on the site it is good to use. The site gets redirected to a phising site and almost 200+ eth was snatched from other users. I read an article that only certain regions were hacked such as: Italy, Pakistan, Thailand, Malaysia, Australia and New Zealand. But, it's always better to be safe.

Benkortan

newbie

Activity: 32

Merit: 0

Quote from: Noobaru on April 24, 2018, 03:12:39 PM

Quote from: hodl2018 on April 24, 2018, 12:49:26 PM

Shameful. How this useful site can get hacked?

They didn't get hacked, but public Google DNS got compromised. Their addresses 8.8.8.8. and 8.8.4.4. were down in some parts of the world, not sure if they still are. An attacker hacked into those addresses and pointed MEW domain name to a different IP. That is how when people opened even their bookmarked MEW URL, they went to a compromised IP and when they entered their private key, the hacker snatched it (because it was entered into his own server). The certificate should have warned people from doing so (because the certificate was missing and was not green), but it is easy to be a smart now, when things are over.

I'm checking that green url and I have Cryptonite, which is a great help.
Very dangerous setup from hackers. Thanks for explanation.

kamike

full member

Activity: 199

Merit: 100

Presale Starting May 1st

It was not hacked, they are the group of people who are really experts in hijacking so let us be careful so that we won't be a victim, we must be thankful that a lot of people here are concern for other people.

mmacool

jr. member

Activity: 308

Merit: 1

It seems to me that if MEW hackers could hack, then maybe the market will go down. Hackers now have no barriers whatsoever, they can hack everything and it's very bad.

btccrusher

member

Activity: 742

Merit: 12

Quote from: GabrielKiara on April 24, 2018, 03:35:11 PM

Seriously I feel paranoid using mew at this time, btw here one of the hacker address : 0xb3AAAae47070264f3595c5032eE94b620A583a39 ( I got it from telegram community chat). That Means for now the safest path is to use hardware like trezor right? Or use metamask still safe?

Hardwares are the safest option while everyone don't have it. In that case, Metamask is fairly safe, but I'd suggest to use offline transaction. So that you are out of risk.

GabrielKiara

member

Activity: 273

Merit: 15

Seriously I feel paranoid using mew at this time, btw here one of the hacker address : 0xb3AAAae47070264f3595c5032eE94b620A583a39 ( I got it from telegram community chat). That Means for now the safest path is to use hardware like trezor right? Or use metamask still safe?

btccrusher

member

Activity: 742

Merit: 12

Quote from: Noobaru on April 24, 2018, 03:12:39 PM

Quote from: hodl2018 on April 24, 2018, 12:49:26 PM

Shameful. How this useful site can get hacked?

They didn't get hacked, but public Google DNS got compromised. Their addresses 8.8.8.8. and 8.8.4.4. were down in some parts of the world, not sure if they still are. An attacker hacked into those addresses and pointed MEW domain name to a different IP. That is how when people opened even their bookmarked MEW URL, they went to a compromised IP and when they entered their private key, the hacker snatched it (because it was entered into his own server). The certificate should have warned people from doing so (because the certificate was missing and was not green), but it is easy to be a smart now, when things are over.

Update 1:
MyEtherWallet says, everything is normal now. [however, I'm advising to stop transaction for few more hours and learn from more users]
here is the official tweet https://twitter.com/myetherwallet/status/988836522974572544

Stay safe.

joselitobayagbag

member

Activity: 231

Merit: 10

Augmented Reality World Discovered

This is awful,those people who used mew and put their rmoney to these keys probaby got hacked as long as these people arent going to put their keys thru researching because it can be easily hacked,then the time i dont like to dos so if iwere you i wont be wasting my time and effort for this campaigns as there are uncertainty between the two.

Noobaru

jr. member

Activity: 504

Merit: 3

Quote from: hodl2018 on April 24, 2018, 12:49:26 PM

Shameful. How this useful site can get hacked?

They didn't get hacked, but public Google DNS got compromised. Their addresses 8.8.8.8. and 8.8.4.4. were down in some parts of the world, not sure if they still are. An attacker hacked into those addresses and pointed MEW domain name to a different IP. That is how when people opened even their bookmarked MEW URL, they went to a compromised IP and when they entered their private key, the hacker snatched it (because it was entered into his own server). The certificate should have warned people from doing so (because the certificate was missing and was not green), but it is easy to be a smart now, when things are over.

thinknow11

full member

Activity: 308

Merit: 101

Hacker is the greatest problem confronting cryptocurrency ecosystem. However, I think this will be sorted out as soon as possible.

santiPOGI

full member

Activity: 1004

Merit: 111

We just need to wait and let them solve the problem.
MEW will not let this slide for a long time and issue will be gone soon.
though this one will be a big lesson to them and will improve their security more.
it's bull run days btw, so let it stay their and dont open your wallet.

Lacettivod

member

Activity: 252

Merit: 14

Revolutionizing Brokerage of Personal Data

Thank you for warning! I will not today to make transfers from the wallet.
Read, that have them hacked DNS server.It puts us in danger.

It is better to wait for official news from the developers before continuing to use MEW

pri3oner

full member

Activity: 504

Merit: 100

Bitgesell (BGL) Decentralized Cryptocurrency!

As it's happened back in late-December with Delta the accident was repeated, unfortunately for all honest crypto workers... In our unreliable crypto world everything can happen and it's a pity... Just imagine an honest bounty participant who has saved a little for months of hard work, reposting and posting, making video and other content, and being hacked just for a moment by random (but clever) guy (or team, anyway)!...

manlyxman

newbie

Activity: 168

Merit: 0

I don't think anything but a hardware wallet is safe nowadays. I really recommend people to invest in one.

manoj6233

jr. member

Activity: 196

Merit: 1

Without the old workplace rules, everyone at IBM is learning and adapting to new behaviors and patterns all the time. Take attention, for instance. How one pays attention in a distributed environment has to change. None of the material conditions (silence, sterility, absence of distraction) or the personal ones (eye contact) ...

hodl2018

newbie

Activity: 36

Merit: 0

Shameful. How this useful site can get hacked?

btccrusher

member

Activity: 742

Merit: 12

myetherwallet.com isn't safe to use right now. It seems that the DNS of MEW was hijacked, which resulted in loss of all the funds from MEW accounts. Check subreddit for details. It is advised to use the offline version of MEW until official notification of MEW's safety.

Need help to use offline MEW? Check this out:
https://myetherwallet.github.io/knowledge-base/offline/running-myetherwallet-locally.html

Note: I'll update this thread once I found any official announcement.

Edit 1;
someone lost 85 ETH https://etherscan.io/tx/0x6b2d0464eef4c90677a555701b26820e606f5a52f3926725291bca6cc6936167

Here is the moved funds: https://etherscan.io/address/0xb3aaaae47070264f3595c5032ee94b620a583a39

Update 1:
MyEtherWallet says everything is normal now. [however, I'm advising to stop transaction for few more hours and learn from more users]
here is the official tweet https://twitter.com/myetherwallet/status/988836522974572544

Stay safe.

Topic: ATTENTION EVERYONE! MEW isn't safe to use right now. (Read 449 times)