Topic: [CAUTION] MyEtherWallet(MEW) hijacked (April 24, 2018) (Read 476 times)
One of the reasons why I do not like using my private key directly on MEW as this can easily be compromised and that warning when you are about to key in your private key alone is alarming. The thing is that this is something most people should have taken note by now and this is the reason I always prefer making use of metamask in doing transactions. I guess this is just some of the things we will keep seeing in this digital world.
Now the world of the Internet is completely different, not the same as it was many years ago. Now there are black hackers, white hackers. This is a real war. In my opinion, most gifted people are engaged in hacking. Someone with a good purpose, someone for the purpose of fraud. I recently read about the almost proven theory of theft through electricity (without using the Internet). Sometimes I even fear how fast our world has been developing recently.
Its unfortunate tha such things still happen and will keep happening as the hackers keep coming up with new ways to defraud you of your hard earned money, the blame cannot however be totally directed to MEW. WEB based wallets are vulnerable and a combined effort from Both MEW and the users is the only way to ensure you are protected from the hackers. While MEW ensures that their systems are up to date and able to cub such attempts, The uses should put into consideration security measures such as avoidinging frequent log ins into the wallet which will expose your secret keys. or settle for a safer option i hardware wallets such as the ledger Nano s
Too often, MEW hacked this year, they need something to do with protection. Personally, I already went to Metamask, there things are better with this.
Thank you so much for the warning sir. Me also want to access the MEW at that date but I have an important matters to attend so I didnt successfully log in to MEW and I thank for it cause I then know that the MEW was hijacked. I think the MEW as of now is running and working already. Just make sure that you log in on the correct website.
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness.
Hey. I understand what you're saying. The reason I just posted this immediately because I didn't want to risk wasting a few more minutes in finding a similar post, as you may know, this is really really important and a 5 minute difference could potentially prevent a single(or multiple) investor for being screwed.
Thank you guys both for warnings and advices how to prevent hijacking. Maybe you know free or cheap hardware wallets?
I'd honestly only suggest using a Ledger Nano S[ledgerwallet.com] or a Trezor[trezor.io]. They may be a bit expensive for you, but trust me. If you hold significant amounts of cryptocurrencies, it's definitely worth spending a bit of money for a hardware wallet. Security should always be a priority.
I agreed, $100 is definitely a good small investment to safeguard your coins which worth alot more than $100. Anyone holding crypto currencies for the the long term should consider getting a hardware wallet.
Thank you guys both for warnings and advices how to prevent hijacking. Maybe you know free or cheap hardware wallets?
I'd honestly only suggest using a Ledger Nano S[ledgerwallet.com] or a Trezor[trezor.io]. They may be a bit expensive for you, but trust me. If you hold significant amounts of cryptocurrencies, it's definitely worth spending a bit of money for a hardware wallet. Security should always be a priority.
Thanks for the warning man, I'll inform my friends about this and please spreed this news to your friends ASAP.
It was really crazy since I actually made a transaction on this date in transferring some of my tokens. I guess I must have been lucky as probably that would have been the worst day of my life if anything had happen.Still, there has never been a day I make use of MEW without trying as much as possible to take note of that green padlock and even on any other site asides MEW as anything outside it makes entering a delicate stuff on the web makes it vulnerable. Indeed, this is a call to switch to a hardware wallet. Just a $100 for the safety of your asset is indeed worth it.
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!
Devs need to hardfork those coins back! Right?
Just checked now, the link is true, green status, the certificate is valid. Perhaps this is danger for some countries.
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
I am also interested in this question. I keep my MEW on the flash drive. Now I'm afraid to get into my wallet. I don't know how safe it is. On forum I have read that can be go. But friends say it's not necessary. Don't know what to do... If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
To store ETH and ERC 20 tokens, it is safer to use hardware wallets. The only caveat - needs to order them only from official websites. And do not buy them on ads on the Internet. Since not all sellers are honest.
Exactly, what is the best website to buy the Hardware wallet for storing the ETH and ERC20, because recently we have seen many hacks and i could not able to find the best tezor for safeguarding my coins?
To store ETH and ERC 20 tokens, it is safer to use hardware wallets. The only caveat - needs to order them only from official websites. And do not buy them on ads on the Internet. Since not all sellers are honest.
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!
I guess they will never stop as long as this space is concerned. Apparently, they would not want to see it that way and just the same way we have good people, we will always have bad people and this is the way the world works. However, it is really something that anyone who wants to be in the digital world should try as much as possible to get used to considering that the only way to be safe is to know how to be safe yourself.I would always recommend using Metamask in any occasion to login to MEW or at least using a hardware wallet which guarantees more safety.
thanks for this warning, i will use ledger wallet to store all my altcoin to be safe
Thank you guys both for warnings and advices how to prevent hijacking. Maybe you know free or cheap hardware wallets?
I'd honestly only suggest using a Ledger Nano S[ledgerwallet.com] or a Trezor[trezor.io]. They may be a bit expensive for you, but trust me. If you hold significant amounts of cryptocurrencies, it's definitely worth spending a bit of money for a hardware wallet. Security should always be a priority.
So sad to know this current scenario. This thieves are gonna reap the fruits of their evil doings someday. They got themselves so blinded by their love for riches and wealth. Theyll gonna suffer in the end. So lucky I didnt open my mew this days.
thanks for this warning. this is really bad when something like this happens. hope not many people lost money thru this hijack, but as i have read, over 200k eth have been stolen. 
But unfortunately that over 200k eth is a lot and for sure many traders are regretting for not using hardware wallet, yet this sundden attack should be a warning to all of us that there's nothing safe nowadays especially from hackers that don't know anything but to stole. They really did this on purpose like market is all green and people are selling their coins and that will be a perfect timing to their evil plan, good thing I didn't open my wallet yesterday and just checking my coins through etherscan.
Well you're a whole lot safer if you're on a hardware wallet. Thus goes to show that if you really want to secure your assets, then it's best to invest in a hardware wallet. I had a few qualms when i made an account in mew and fortunately i only have a few tokens stored there. Though the tokens are still there last time i checked :p
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Invalid certificate: https://imgur.com/a/bh6p4DQ
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
Invalid certificate: https://imgur.com/a/bh6p4DQ
Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42
;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62
root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42
;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42
;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62
root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42
;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
I wish I had a merit to give you cause yes, this is crazy important.
Some solutions right now.
#1) Just DON'T log in to myetherwallet at all for the time being.
#2) Make sure you are at the correct site with the correct certificate and ssl connection
#3) Get a Trezor or Ledger and start using them to access mew
By now, everyone should know just how vulnerable web based wallets are. It isn't really mew's fault, mew is just an interface to interact with the ethereum network. On top of that, there are SO MANY warnings and advice on how to use mew safely yet so many people disregard them.
If you are serious about crypto, then you should ONLY be using paper wallets or hardware wallets.
If you actively trade, I would leave only the bare minimum required to trade on exchanges.
Everything else just store it away.
Would you leave your hardearned cash just laying around for anyone to pick up?
Why would you do the same with crypto?
Thank you guys both for warnings and advices how to prevent hijacking. Maybe you know free or cheap hardware wallets?
Update: looks like the hacker stole 216 Ether in total.
Screenshot(as newbies cant post images): https://i.imgur.com/7fueK5v.png
Screenshot(as newbies cant post images
): https://i.imgur.com/7fueK5v.png 
thanks for this warning. this is really bad when something like this happens. hope not many people lost money thru this hijack, but as i have read, over 200k eth have been stolen.
But unfortunately that over 200k eth is a lot and for sure many traders are regretting for not using hardware wallet, yet this sundden attack should be a warning to all of us that there's nothing safe nowadays especially from hackers that don't know anything but to stole. They really did this on purpose like market is all green and people are selling their coins and that will be a perfect timing to their evil plan, good thing I didn't open my wallet yesterday and just checking my coins through etherscan.
thanks for this warning. this is really bad when something like this happens. hope not many people lost money thru this hijack, but as i have read, over 200k eth have been stolen.
But unfortunately that over 200k eth is a lot and for sure many traders are regretting for not using hardware wallet, yet this sundden attack should be a warning to all of us that there's nothing safe nowadays especially from hackers that don't know anything but to stole. They really did this on purpose like market is all green and people are selling their coins and that will be a perfect timing to their evil plan, good thing I didn't open my wallet yesterday and just checking my coins through etherscan.
Please explain, if you use for logging hardware wallet Ledger, will I be safe? I mean this is the case when the hacked DNS server.
If I'm not wrong then hardware wallet should be fine to login because the current issue everyone is talking about myetherwallet.com DNS server issue.
If not urgent then just avoid logging few days.
It will be very painful for the people who has lost their coins in this hack. Perticularly if some newbie lost money then they may not come back to cryptos because they think it is not safe.
This is so helpful, I'm planning to check my account after i heard this news, and I bumped to this thread, this info helps a lot for reducing my potential to be scammed.
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness.
Hey. I understand what you're saying. The reason I just posted this immediately because I didn't want to risk wasting a few more minutes in finding a similar post, as you may know, this is really really important and a 5 minute difference could potentially prevent a single(or multiple) investor for being screwed.
Because I have known that not so many people are actively watching the latest update regarding what already happened or mainly to visit the official twitter account of myetherwallet.
thanks for this warning. this is really bad when something like this happens. hope not many people lost money thru this hijack, but as i have read, over 200k eth have been stolen.
This is the scammers address if you want to track how much he/she already scammed. https://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
thanks for this warning. this is really bad when something like this happens. hope not many people lost money thru this hijack, but as i have read, over 200k eth have been stolen.
when I wake up, I hear this news, I immediately take precautions in my computer, and search for the source of truth news, I am grateful for the information you provide, for me the information you provide is very helpful to us
MyEtherWallet.com has been reportedly hacked – 215 Ethereum [ETH] phished in less than 3 hours
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.
Terrible news . I have heard that some guy lose 85 eth from his wallet
Totally terrible and whomever who's this guy that lost 85 ETH it's never safe to put that sums of holding to a web wallet. This is why getting your own hardware wallets is always the best storage.that's a huge amount already. this is why I'm login into the MEW in an offline page just to make sure its the real page that i have downloaded. 85 ETH is something to die for already in my country its worth more than 5M and you can already buy a lot with it, pick up trucks and so on. easy money for the hackers, lost investment and exasperation for the token owners.
https://twitter.com/myetherwallet
Still no update if its okay.
Please explain, if you use for logging hardware wallet Ledger, will I be safe? I mean this is the case when the hacked DNS server.
Just checked now, the link is true, green status, the certificate is valid. Perhaps this is danger for some countries.
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
I'm also interested to learn about the reliability of Metamask. If I log into MEW using Metamask, my wallet is likewise in danger of being hacked?
That's a sad story. We all need to be careful. Scammers are getting smarter we can't relax. Always check the site and security. Phishing visible
I accessed my wallet six hours ago, would that be an issue? I used my laptop and coudln't find the red security error while opening it. Do you feel it was safe to have accessed my wallet back then? All my tokens are still intact. I hope my private keys are not compromised because I am supposed to get the payment of my signature campaign tonight and I don't want to end up losing all my money.
Thanks for the warning. 2-3 days just will not go. I'm new to the cryptomir, I'm engaged in bounty only six months. And I can not immediately navigate in the subtle matter of crypto-currency.
I would advise using METAMASK, in my opinion it is much safer, it is also better to use cold wallets. With MEW, this is not the first problem, and not the last one.
This is very much important. I saw this notification a while ago. It very much imperative we spread info of such magnitude to prevent people from getting ripped off.
thank you.
thank you.
Really appreciate the update regarding this. That's why it is important to keep up to date with whatever happening in the crypto world.
I'll definitely recommend everyone to safeguard your cryptos as they are becoming more and more valuable day by day.
I'll definitely recommend everyone to safeguard your cryptos as they are becoming more and more valuable day by day.
Very usefull information, this will make us more careful in accessing MyEtherwallet account. Hopefully this problem will be fixed soon.
This is bad new, but the cyptocurrency market is not affected. So often it happens that negative news does not affect the bull market and positive news does not affect the bearish market.
Thank you for the warning. Just curious if I use hardware wallet to interact with MEW, will the private key be revealed when such hack is happening?
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!
But thats the way it must be,hackers are those people that gifted with bright full mind but they choose to use it badways ..what we need to do is add extra careful,become vigilant and act like what OP did..always shares those issue regarding something like this,so everyone will be aware and will make action to prevent from being victim. MyEtherWallet.com has been reportedly hacked – 215 Ethereum [ETH] phished in less than 3 hours
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.
Terrible news . I have heard that some guy lose 85 eth from his wallet
Totally terrible and whomever who's this guy that lost 85 ETH it's never safe to put that sums of holding to a web wallet. This is why getting your own hardware wallets is always the best storage.that's a huge amount already. this is why I'm login into the MEW in an offline page just to make sure its the real page that i have downloaded. 85 ETH is something to die for already in my country its worth more than 5M and you can already buy a lot with it, pick up trucks and so on. easy money for the hackers, lost investment and exasperation for the token owners.
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness.
Hey. I understand what you're saying. The reason I just posted this immediately because I didn't want to risk wasting a few more minutes in finding a similar post, as you may know, this is really really important and a 5 minute difference could potentially prevent a single(or multiple) investor for being screwed.
Because I have known that not so many people are actively watching the latest update regarding what already happened or mainly to visit the official twitter account of myetherwallet.
Just checked now, the link is true, green status, the certificate is valid. Perhaps this is danger for some countries.
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
Stay away at least at some moments.
Just checked now, the link is true, green status, the certificate is valid. Perhaps this is danger for some countries.
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
If I use an extension like Metamask or loaded site MEW on my hard drive, is this safe in this case?
MyEtherWallet.com has been reportedly hacked – 215 Ethereum [ETH] phished in less than 3 hours
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.
Don't login to your MEW accounts yet, wait until the dust settles and everything has been fixed.
Terrible news . I have heard that some guy lose 85 eth from his wallet
Totally terrible and whomever who's this guy that lost 85 ETH it's never safe to put that sums of holding to a web wallet. This is why getting your own hardware wallets is always the best storage.
Terrible news . I have heard that some guy lose 85 eth from his wallet ... Damn , what a pain I think 
I was lucky , that I didn't login my wallets today , but I think I'l gonna buy some ledger to keep my funds in secure place , because mew have been compromised so many times that I can't trust it anymore .
I was lucky , that I didn't login my wallets today , but I think I'l gonna buy some ledger to keep my funds in secure place , because mew have been compromised so many times that I can't trust it anymore . 
If hacking really was, it would have a negative impact on the entire crypto market. To myetherwallet always had a high level of confidence. I don't even know what a wallet is for you to use...
Thank for let us know, we really need to careful and check everything before login to myetherwallet, my last login time is 11 hour ago, thank for God I don't have login in last hour, if not all my funds already transfer out to hackers wallet
This is not first time happening mate. People are really worry about losing the fund on using online wallet even they have the private key control with them. I advice you to bookmark the website URL correct.
You will get the tokens access still if you going to wallet with the perfect URL without any VPN plugs mate.
If you use tor browser you will get this issue. Hope your would get issue.
You will get the tokens access still if you going to wallet with the perfect URL without any VPN plugs mate.
If you use tor browser you will get this issue. Hope your would get issue.
Please read the actual post. MyEtherWallet got hijacked on a DNS level, meaning that even though you're using the correct URL(https://myetherwallet.com) you could still get hacked.
This is really alarming mew were hijacked so all users must be aware of this bad news. There are really scammers that we should be very cautious on the website that we are using. Thank's for this information so I'll always be updated if this problem were resolved immediately.
I really hope that the strong programmers are currently working on the creation of a safe cold wallet to store tokens on the blockchain of the Eth. This is a very necessary thing and I'm waiting for it. People tell me, maybe now there is such a purse?
Wow...thanks for the heads up.
Triple checking the url can never be overemphasized when logging in to MEW.
Seems these hackers wont be stopping their criminal acts anytime soon.
Triple check everything before inputting your private keys. Be safe out there
Triple checking the url can never be overemphasized when logging in to MEW.
Seems these hackers wont be stopping their criminal acts anytime soon.
Triple check everything before inputting your private keys. Be safe out there
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Invalid certificate: https://imgur.com/a/bh6p4DQ
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
Invalid certificate: https://imgur.com/a/bh6p4DQ
Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42
;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62
root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42
;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
This is not first time happening mate. People are really worry about losing the fund on using online wallet even they have the private key control with them. I advice you to bookmark the website URL correct.
You will get the tokens access still if you going to wallet with the perfect URL without any VPN plugs mate.
If you use tor browser you will get this issue. Hope your would get issue.
Please explain what this phrase means, thanks "...correct certificate and ssl connection".
And if through the explorer you will be viewing your deposit, then it's not scary?
And if through the explorer you will be viewing your deposit, then it's not scary?
Thanks for the warning
Look at that! In just few hours, the hacker already cashed out 215 ether!
And after reading the comments in the etherscan, it looks like he changes his address.
Stay safe buddy, use a hardware wallet!
Look at that! In just few hours, the hacker already cashed out 215 ether!
And after reading the comments in the etherscan, it looks like he changes his address.
Stay safe buddy, use a hardware wallet!
This kind of events put us in very defensive positions. If you can't even use safely myetherwallet, then you know there is a problem.
I wonder why this never happened with blockchain.info, as many say this is a common problem?
I wonder why this never happened with blockchain.info, as many say this is a common problem?
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!
There's only 3 types of people living on earth "The Good The Bad and The Weird" well i guess this man is The Bad.
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness.
Hey. I understand what you're saying. The reason I just posted this immediately because I didn't want to risk wasting a few more minutes in finding a similar post, as you may know, this is really really important and a 5 minute difference could potentially prevent a single(or multiple) investor for being screwed.
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Invalid certificate: https://imgur.com/a/bh6p4DQ
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
Invalid certificate: https://imgur.com/a/bh6p4DQ
Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42
;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62
root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42
;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
I wish I had a merit to give you cause yes, this is crazy important.
Some solutions right now.
#1) Just DON'T log in to myetherwallet at all for the time being.
#2) Make sure you are at the correct site with the correct certificate and ssl connection
#3) Get a Trezor or Ledger and start using them to access mew
By now, everyone should know just how vulnerable web based wallets are. It isn't really mew's fault, mew is just an interface to interact with the ethereum network. On top of that, there are SO MANY warnings and advice on how to use mew safely yet so many people disregard them.
If you are serious about crypto, then you should ONLY be using paper wallets or hardware wallets.
If you actively trade, I would leave only the bare minimum required to trade on exchanges.
Everything else just store it away.
Would you leave your hardearned cash just laying around for anyone to pick up?
Why would you do the same with crypto?
Damn hackers! Why don't they use their technology to do something useful to others? Why should we steal the fruits of others' hard work? Disgusting behavior!
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Invalid certificate: https://imgur.com/a/bh6p4DQ
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
Invalid certificate: https://imgur.com/a/bh6p4DQ
Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42
;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62
root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42
;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
There is an update in the MEW twitter regarding this problem and the team was working on it. It will be resolved asap. But i just found another thread that has been discussing this problem. It may better for you to read carefully before try to make a double post like this, but i appreciate this kind of awareness.
Thanks for the warning man, I'll inform my friends about this and please spreed this news to your friends ASAP.
Update: looks like the hacker stole 216 Ether in total.
Here's a screenshot link as newbies cant post images : https://i.imgur.com/7fueK5v.png
Do not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Invalid certificate: https://imgur.com/a/bh6p4DQ
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
Here's a screenshot link as newbies cant post images
: https://i.imgur.com/7fueK5v.pngDo not use myetherwallet.com if you're using Google Public DNS (8.8.8.8 / 8.8.4.4) at this moment, it seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Invalid certificate: https://imgur.com/a/bh6p4DQ
Code:
root@tali:/home/micky# dig @8.8.8.8 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9641 IN A 46.161.42.42
;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Apr 24 15:48:51 EEST 2018 ;; MSG SIZE rcvd: 62
root@tali:/home/micky# dig @8.8.4.4 myetherwallet.com
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.4.4 myetherwallet.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36179 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;myetherwallet.com. IN A
;; ANSWER SECTION: myetherwallet.com. 9902 IN A 46.161.42.42
;; Query time: 33 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Tue Apr 24 15:50:27 EEST 2018 ;; MSG SIZE rcvd: 62
Always make sure your connection is secure "green" in your browser!
LE: Anyone that got their keys into this has had their funds transferred to http://etherscan.io/address/0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
Edit2: Google Public DNS is now resolving the correct ips. Keep in mind the ttl of the old records was some 9000 seconds, we can expect some ISP's to cache that for their clients.
Again, please make sure the SSL Connection is always green when you interact with any website.
Source: https://www.reddit.com/r/ethereum/comments/8ek86t/warning_myetherwalletcom_highjacked_on_google/
Jump to: