Pages:
Author

Topic: [CAUTION] MyEtherWallet(MEW) hijacked (April 24, 2018) - page 3. (Read 490 times)

legendary
Activity: 3178
Merit: 1054
MyEtherWallet.com has been reportedly hacked – 215 Ethereum [ETH] phished in less than 3 hours
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.

Terrible news . I have heard that some guy lose 85 eth from his wallet
Totally terrible and whomever who's this guy that lost 85 ETH it's never safe to put that sums of holding to a web wallet. This is why getting your own hardware wallets is always the best storage.

that's a huge amount already. this is why I'm login into the MEW in an offline page just to make sure its the real page that i have downloaded. 85 ETH is something to die for already in my country its worth more than 5M and you can already buy a lot with it, pick up trucks and so on. easy money for the hackers, lost investment and exasperation for the token owners.
legendary
Activity: 3108
Merit: 1029
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness.  

Hey. I understand what you're saying. The reason I just posted this immediately because I didn't want to risk wasting a few more minutes in finding a similar post, as you may know, this is really really important and a 5 minute difference could potentially prevent a single(or multiple) investor for being screwed.
Sure, I was understood about that. That's why I appreciate this thread.

Because I have known that not so many people are actively watching the latest update regarding what already happened or mainly to visit the official twitter account of myetherwallet.




Just checked now, the link is true, green status, the certificate is valid. Perhaps this is danger for some countries.
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?

Stay away at least at some moments.
newbie
Activity: 322
Merit: 0
Just checked now, the link is true, green status, the certificate is valid. Perhaps this is danger for some countries.
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
hero member
Activity: 3080
Merit: 603
MyEtherWallet.com has been reportedly hacked – 215 Ethereum [ETH] phished in less than 3 hours
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.

Terrible news . I have heard that some guy lose 85 eth from his wallet
Totally terrible and whomever who's this guy that lost 85 ETH it's never safe to put that sums of holding to a web wallet. This is why getting your own hardware wallets is always the best storage.
member
Activity: 364
Merit: 19
www.codex.one
Terrible news . I have heard that some guy lose 85 eth from his wallet ... Damn , what a pain I think Undecided I was lucky , that I didn't login my wallets today , but I think I'l gonna buy some ledger to keep my funds in secure place , because mew have been compromised so many times that I can't trust it anymore .
hero member
Activity: 756
Merit: 500
If hacking really was, it would have a negative impact on the entire crypto market. To myetherwallet always had a high level of confidence. I don't even know what a wallet is for you to use...
member
Activity: 451
Merit: 10
Thank for let us know, we really need to careful and check everything before login to myetherwallet, my last login time is 11 hour ago, thank for God I don't have login in last hour, if not all my funds already transfer out to hackers wallet
member
Activity: 138
Merit: 74
NotYourKeys.Org
This is not first time happening mate. People are really worry about losing the fund on using online wallet even they have the private key control with them. I advice you to bookmark the website URL correct.
You will get the tokens access still if you going to wallet with the perfect URL without any VPN plugs mate.
If you use tor browser you will get this issue. Hope your would get issue.

Please read the actual post. MyEtherWallet got hijacked on a DNS level, meaning that even though you're using the correct URL(https://myetherwallet.com) you could still get hacked.
sr. member
Activity: 649
Merit: 250
This is really alarming mew were hijacked so all users must be aware of this bad news. There are really scammers that we should be very cautious on the website that we are using. Thank's for this information so I'll always be updated if this problem were resolved immediately.
full member
Activity: 518
Merit: 105
I really hope that the strong programmers are currently working on the creation of a safe cold wallet to store tokens on the blockchain of the Eth. This is a very necessary thing and I'm waiting for it. People tell me, maybe now there is such a purse?
newbie
Activity: 55
Merit: 0
Wow...thanks for the heads up.
Triple checking the url can never be overemphasized when logging in to MEW.
Seems these  hackers wont be stopping their criminal acts anytime soon.
Triple check everything before inputting your private keys. Be safe out there
hero member
Activity: 924
Merit: 512
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!

Invalid certificate: https://imgur.com/a/bh6p4DQ

Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com

; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A

;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42

;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62

root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com

; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A

;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42

;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62

Always make sure your connection is secure "green" in your browser!

LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29

Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.

Again, please make sure the SSL Connection is always green when you interact with any website.



Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/

This is not first time happening mate. People are really worry about losing the fund on using online wallet even they have the private key control with them. I advice you to bookmark the website URL correct.
You will get the tokens access still if you going to wallet with the perfect URL without any VPN plugs mate.
If you use tor browser you will get this issue. Hope your would get issue.
member
Activity: 252
Merit: 10
Please explain what this phrase means, thanks "...correct certificate and ssl connection".
And if through the explorer you will be viewing your deposit, then it's not scary?
trk
full member
Activity: 228
Merit: 100
Thanks for the warning
Look at that! In just few hours, the hacker already cashed out 215 ether!
And after reading the comments in the etherscan, it looks like he changes his address.
Stay safe buddy, use a hardware wallet!
full member
Activity: 872
Merit: 120
This kind of events put us in very defensive positions. If you can't even use safely myetherwallet, then you know there is a problem.

I wonder why this never happened with blockchain.info, as many say this is a common problem?
hero member
Activity: 2268
Merit: 588
You own the pen
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!


There's only 3 types of people living on earth "The Good The Bad and The Weird" well i guess this man is The Bad.
member
Activity: 138
Merit: 74
NotYourKeys.Org
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness. 

Hey. I understand what you're saying. The reason I just posted this immediately because I didn't want to risk wasting a few more minutes in finding a similar post, as you may know, this is really really important and a 5 minute difference could potentially prevent a single(or multiple) investor for being screwed.
full member
Activity: 686
Merit: 131
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!

Invalid certificate: https://imgur.com/a/bh6p4DQ

Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com

; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A

;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42

;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62

root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com

; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A

;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42

;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62

Always make sure your connection is secure "green" in your browser!

LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29

Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.

Again, please make sure the SSL Connection is always green when you interact with any website.



Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/

I wish I had a merit to give you cause yes, this is crazy important.

Some solutions right now.

#1) Just DON'T log in to myetherwallet at all for the time being.

#2) Make sure you are at the correct site with the correct certificate and ssl connection

#3) Get a Trezor or Ledger and start using them to access mew

By now, everyone should know just how vulnerable web based wallets are.  It isn't really mew's fault, mew is just an interface to interact with the ethereum network.  On top of that, there are SO MANY warnings and advice on how to use mew safely yet so many people disregard them.

If you are serious about crypto, then you should ONLY be using paper wallets or hardware wallets.
If you actively trade, I would leave only the bare minimum required to trade on exchanges.
Everything else just store it away.
Would you leave your hardearned cash just laying around for anyone to pick up?
Why would you do the same with crypto?
full member
Activity: 347
Merit: 111
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!
legendary
Activity: 3108
Merit: 1029
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!

Invalid certificate: https://imgur.com/a/bh6p4DQ

Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com

; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A

;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42

;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62

root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com

; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A

;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42

;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62

Always make sure your connection is secure "green" in your browser!

LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29

Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.

Again, please make sure the SSL Connection is always green when you interact with any website.



Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/

There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness. 
Pages:
Jump to: