MEW DNS hack report | Bitcointalksearch.org

butka

full member

Activity: 434

Merit: 246

Quote from: asere on May 23, 2018, 05:20:39 AM

I was using Metamask!
So I guess thats not where the problem is.

Yes, metamask is more secure and not susceptible to attacks of this type. It is important to stress that MEW's website wasn't hacked. It was a public DNS server that was hacked (Google’s DNS in fact), which then led to people landing on the wrong IP (attacker's sever rather than the MEW's server).

asere

newbie

Activity: 8

Merit: 0

Quote from: ?? on ??

-why the MEW is at all available to anyone when he is so risky?
-Is it so hard to make a verification before the transaction?
90 percent off people who have experienced this will never again touch crypto!

Agree on both statements!

Quote from: Quincy01 on May 23, 2018, 11:18:25 AM

... there should be some level of verification that needs to be done ...

I agree second level verification is a must.

Quote from: marks1976

1 Since the crypto can be considered as psudonymous and there is no way to report them. This mean if that will be useless.

2 these hackers get secured by the algoritm that has been implemented in the crypto currency and they can't be identified as far as i know. n

You identify yourself when you seek the connection to a bank for fiat transfer.

But concider this:
If the same address is repeatedly reported as a thieve-address and is banned on the public ledger then the funds that it holds would become inactive/burned.
This is fair and would be a nice addition to any blockchain.

Actually there might exist a blockchain that would rate addresses (eventually the person behind an address) and sort them in a list as reliable/not reliable

marks1976

sr. member

Activity: 893

Merit: 250

Quote from: asere on May 23, 2018, 05:07:57 AM

Hi,

Me too was a victim of this hack.
Actually I agree its not a real hack but a DNS exploit that along my carefulness about the SSL warning led to my account being robbed.

The thing I want to stress out is the fact that its known who invaded my account and stole my coins.
Its on a public ledger and his address is known.

Actually the fucker has this address https://etherscan.io/address/0x4b688d297e3b4f3359f8ab9883ebaf300fc01497

My questions are:

1. Shouldn't WE ,as a community, have a place where these fuckers are reported/banned.

2. How can this fucker be identified? At some point he will use this address to send the coins to an exchange for FIAT conversion or for trading.
Then he is identifiable(?)

I know its my mistake for being careless with my surfing habits and I will not see these coins again,
but more important than my money is to save others from this...and to make the use of cryptos better.

Any thoughts on this is appreciated.

Peace

1 Since the crypto can be considered as psudonymous and there is no way to report them. This mean if that will be useless.

2 these hackers get secured by the algoritm that has been implemented in the crypto currency and they can't be identified as far as i know. n

Quincy01

newbie

Activity: 140

Merit: 0

I am so sorry to hear this sad experience with your stolen tokens, it is really sad because my friend was also robbed by theses hackers two weeks again and up to this moment he is still in that shock and sick of the entire system. My opinion here is that the MEW support team should upgrade there software in such a way that before any transaction flies through, there should be some level of verification that needs to be done and they should tighten the security of the system because it is too porous, thousands of people are crying over this issue and they just can't keep quite about it.

asere

newbie

Activity: 8

Merit: 0

Quote from: Ekosistim on May 23, 2018, 05:09:33 AM

maybe we cant count anymore how many victim by this problem, so for secure our assets its better to use metamask or ledger i think.

I was using Metamask!
So I guess thats not where the problem is.

lucian999

newbie

Activity: 144

Merit: 0

there are many hackers who want to hack the mews so double remember one of their modes is to sign up on the links or airdrops and telegram so avoid doing so just do not sign up for the first try before signing up for no Get the best you can with your mew

Ekosistim

jr. member

Activity: 196

Merit: 1

maybe we cant count anymore how many victim by this problem, so for secure our assets its better to use metamask or ledger i think.

asere

newbie

Activity: 8

Merit: 0

Hi,

Me too was a victim of this hack.
Actually I agree its not a real hack but a DNS exploit that along my carefulness about the SSL warning led to my account being robbed.

The thing I want to stress out is the fact that its known who invaded my account and stole my coins.
Its on a public ledger and his address is known.

Actually the fucker has this address https://etherscan.io/address/0x4b688d297e3b4f3359f8ab9883ebaf300fc01497

My questions are:

1. Shouldn't WE ,as a community, have a place where these fuckers are reported/banned.

2. How can this fucker be identified? At some point he will use this address to send the coins to an exchange for FIAT conversion or for trading.
Then he is identifiable(?)

I know its my mistake for being careless with my surfing habits and I will not see these coins again,
but more important than my money is to save others from this...and to make the use of cryptos better.

Any thoughts on this is appreciated.

Peace

Topic: MEW DNS hack report (Read 112 times)