Pages:
Author

Topic: MyEtherWallet Hacked - page 2. (Read 2259 times)

full member
Activity: 342
Merit: 108
Bounty Detective
October 25, 2017, 06:59:04 PM
#30
If your etherwallet is hacked , well you must create a new wallet and send all your remaining tokens in your new wallet as soon as possible because if you dont the hacker will definite drain all your tokens and all your effort will be wasted. You must very aware of phising site because that is one of the things why our etherwallet is hacked.
full member
Activity: 364
Merit: 105
Dolphins Finance TRUSTED FINANCE
October 25, 2017, 08:41:19 AM
#29
I have very serious concerns with the security, or the lack of security, of MyEtherWallet.

The only wallet I know of that will transact in ICO Tokens is MyEtherWallet. Every ICO I have ever come across says to use MyEtherWallet.

I have had problems using MyEtherWallet. I will access it with the information that only I have access to. There are times that my balance will not show. I have to come back later to access the wallet so I can see my balance.

Now, the 1.5 ETH and 3000 KICK Tokens I had in there look like they are gone. I have accessed Etherscan and both my ETH and my Tokens were withdrawn to this address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be

Etherscan: https://etherscan.io/address/0x88404e743442886f04443c2624917df46d2deef5

Ethplorer: https://ethplorer.io/address/0x88404e743442886f04443c2624917df46d2deef5

You can see that whoever this person is, they have grabbed many KICK tokens from many addresses: https://etherscan.io/address/0xf7860ea76a36ee83abb7f88d3c773f0440e178be#tokentxns

Also, you can see that the address the KICK tokens were withdrawn to has taken in tons of other kinds of tokens:
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

And, yes, I don't know if I should be posting this transactional information on here, but what does it matter? Everything has been taken out of my wallet.

Questions:

Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.

But, still, my ETH and Tokens are gone to that address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be And, I am guessing I have zero recourse. Is that correct? Can anybody just hack into something like MyEtherWallet and take your coin and tokens?

Thank you for your time and assistance with this. I appreciate it!
Youve lost your coins without knowing why, youve definitely scammed. Maybe you log in your pivate key into pishers site this phishers site are good in minicing and confussing users. Or if thats not the case then someone knows your private key.
sr. member
Activity: 770
Merit: 254
October 25, 2017, 08:25:46 AM
#28
Even though I am not a fan of Ethereum at all, we should not avoid ETH just because a lot of scams happen on it. That is like avoiding Bitcoin or fiat because drug dealers and child pornography use them as payment. The reason so many scams happen on ETH is just that it is so easy to create an ERC20 token. You have people now just selling services, to create a token, whitepaper, logo, signatures and all that in a week.
What drug dealers and child pornography has to do with this topic?

OP said his wallet was hacked and it has nothing to do with erc20 tokens or scams.
newbie
Activity: 38
Merit: 0
October 24, 2017, 10:23:29 PM
#27
Even though I am not a fan of Ethereum at all, we should not avoid ETH just because a lot of scams happen on it. That is like avoiding Bitcoin or fiat because drug dealers and child pornography use them as payment. The reason so many scams happen on ETH is just that it is so easy to create an ERC20 token. You have people now just selling services, to create a token, whitepaper, logo, signatures and all that in a week.

Well, if I make double the BTC equivalent in ETH from Bitcoin mining, I might consider ETH services again. But, I will always remember getting taken on the ETH platform. Many others certainly have been left with that feeling too.

It would be best for those who founded ETH to spend some of what they've made on coming up with a recognized coalition of technical and financial advisors who could review ICO's and certify the ones they find to be reliable on their whitepapers and claims. That would certainly help in giving more credence to ICO's.
newbie
Activity: 38
Merit: 0
October 24, 2017, 10:17:56 PM
#26
Sorry for your loss dude. Shitty things always happen anytime. Next time, avoid to using private key to login if not very urgent. Just check it you balance using another web explorer like https://ethplorer.io/ or etherscan.

That is a good tip. I have learned to use those. But, transactions will still need access. I use Keystore/Password to access now. But, I am guessing a fraudulent site could get those from you and access your wallet just as easily.

Isn't the point of Google Authenticator that you have a unique code access for your account? And, the numeric code generated is also unique. So, if MEW offered Google Authenticator for access, even if a scammer had your keys, etc., it wouldn't matter, because they couldn't get past the authenticator. Is that correct?

Thank you for your advice!
hero member
Activity: 2338
Merit: 953
Temporary forum vacation
October 24, 2017, 12:51:46 PM
#25
Even though I am not a fan of Ethereum at all, we should not avoid ETH just because a lot of scams happen on it. That is like avoiding Bitcoin or fiat because drug dealers and child pornography use them as payment. The reason so many scams happen on ETH is just that it is so easy to create an ERC20 token. You have people now just selling services, to create a token, whitepaper, logo, signatures and all that in a week.
newbie
Activity: 38
Merit: 0
October 24, 2017, 12:35:44 PM
#24
Sorry for your loss, one of my friend also got his 30k $ stolen. There is a warning on mew website, should it be about it ? Because I've been hearing a lot about this lately.

Thank you for your comment.

I am using the EtherAddressLookup Google Extension. But, you have to be careful with that.

1.) It doesn't track everything, including URL's that are clearly fraudulent. I purposefully tried a phishing URL and, when it wasn't recognized as fraudulent, submitted it to their reporting.

2.) It doesn't always recognize an URL as scam/phishing/etc. the first time. You NEED to reload the site you clicked/keyed in to make sure that you get a good reading on it.

Regardless, the tools that MEW suggest are only one step in preventing problems.

I would suggest doing what I do: save the URL for the site you are wanting to access, like https://www.myetherwallet.com with your Username/Password. So, when you want to access it, it reminds you to cut and paste the URL into a New Tab in your browser. Once you load the page, make sure the address is correct. And, make sure it is secured. Fraudulent sites will have the wrong URL and are often not secured.
newbie
Activity: 38
Merit: 0
October 24, 2017, 12:24:31 PM
#23
I am using MyEtherWallet for some time now and I believe that for normal uses and purposes they are practically completely safe. To the best of my knowledge all the cases of missing funds from MEW wallets has been due to user error. I know it sounds harsh but I consider all successful phishing attacks as user errors.

That being said next time I check my wallet I will probably find it empty :=)

Few tips which cannot hurt:
1. Private keys are private. Don't share them ever!!!
2. Use at least 2 wallets. One for access to airdrops and day trading and the other as cold storage.
3. Please don't use PC with cracked versions of windows or other software for wallet creation. Use some well known and tested linux distribution or original clean installation of windows.


Harsh is fine. But, as I have said many times, using your Private Key for login is dangerous. Private Keys should be locked away. It's like having root access floating around.

There should be a fully user-controllable way to access MEW. Username/password and Google Authenticator is what almost everyone else uses.

The Ethereum platform has lost my business for good. If they want to promote MEW as the way to use ETH, they need to provide users with the same level of controlled access that other online wallets do.
sr. member
Activity: 770
Merit: 254
October 23, 2017, 04:13:28 PM
#22
Is MyEtherWallet that vulnerable to hacking?
No, but there are lots of phishing sites and you probably clicked on one of them.
Or you got keyloger which steal your private keys.
Other explanation can be - someone typed random private key and succeed to enter your wallet - but this is too long shot and not to mention almost impossible.
sr. member
Activity: 462
Merit: 254
October 23, 2017, 02:27:44 PM
#21
Thank you for the replies.

Ethereum seems to be plagued by ponzi schemes, ripoffs, hacks, phishing, etc. Anything I do with ETH will be very low-cost, no more than small fractions of 1 ETH.

I really, truly do not think I clicked a phishing URL. I have been in the practice of typing in URL's directly, and more recently, doing cut and paste. I do the right-click for cut and paste, and make sure that the URL is correct when the site it joined. I am going through my links and making

Yes, Slack is a joke, in my opinion. Absolutely riddled with scams. Plus, the fact that they openly display their scam URL's, in bold type, no less, is quite interesting. If I had clicked on one of those, my sanity needs to be checked.

The positives to take away are that: 1.) I will avoid ETH as much as possible. And, 2.) I will do a hardware wallet for cold storage of any crypto.

And, I still think that using a Private Key for log in is strange, at the very least. I would still say it is dangerous.
Many pishing sites, especially myetherwallet are built up on spelling mistakes (f.e. missing letters). Saw one, that I need to read three times, before I recognized the mistake.
member
Activity: 252
Merit: 11
PLAYHALL - SKILL GAMING PLATFORM
October 23, 2017, 11:22:04 AM
#20
Sorry for your loss dude. Shitty things always happen anytime. Next time, avoid to using private key to login if not very urgent. Just check it you balance using another web explorer like https://ethplorer.io/ or etherscan.
legendary
Activity: 2646
Merit: 2691
Join the world-leading crypto sportsbook NOW!
October 23, 2017, 11:11:53 AM
#19
I am using MyEtherWallet for some time now and I believe that for normal uses and purposes they are practically completely safe. To the best of my knowledge all the cases of missing funds from MEW wallets has been due to user error. I know it sounds harsh but I consider all successful phishing attacks as user errors.

That being said next time I check my wallet I will probably find it empty :=)

Few tips which cannot hurt:
1. Private keys are private. Don't share them ever!!!
2. Use at least 2 wallets. One for access to airdrops and day trading and the other as cold storage.
3. Please don't use PC with cracked versions of windows or other software for wallet creation. Use some well known and tested linux distribution or original clean installation of windows.
sr. member
Activity: 1218
Merit: 304
Best Crypto / Online Casino Writing Services
October 23, 2017, 06:59:07 AM
#18
Sorry for your loss, one of my friend also got his 30k $ stolen. There is a warning on mew website, should it be about it ? Because I've been hearing a lot about this lately.
member
Activity: 86
Merit: 10
October 23, 2017, 06:09:31 AM
#17
full member
Activity: 308
Merit: 100
October 23, 2017, 04:56:59 AM
#16
This is for sure a matter of big concern. I thought MEW was very safe. Better to buy a Ledger NANO then?
My assumptions are just as you say

With MEW's system and expertise what might be hacked.Mew very safe

But the security if it has been burglarized assets that we save does not have any value again (zero)
hero member
Activity: 1022
Merit: 500
October 23, 2017, 01:16:44 AM
#15
I am using myetherwallet and no was hacked.
newbie
Activity: 38
Merit: 0
October 22, 2017, 11:28:50 PM
#14
Do you still have access to the computer you used to sign in to your MEW? If you have, can you review its history and look for the site you open which you think is MEW. Because if I'm not mistaken, you're likely to be a victim of a phishing attack and not aware that you've used a similar URL with that of MyEtherWallet.com. If this is the case, and you notice that you did use a phishing URL, then copy that URL and report it here: https://etherscamdb.info/report/. Include the screenshot of the wallet who stole your ETH and tokens and add whatever additional details you can impart to them so they can act and if possible, retrieve your funds.

Also, install this Chrome extension (if you're using Chrome for browser): https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn

This will give you a warning if the ETH address is used before for phishing activities or if it is blacklisted so you can avoid transacting with it or transferring anything to it.


Any possible URL's were gone since I do Clear Cache/Clear History every couple of days.

I did try that extension, and purposely clicked on one of those bogus Slack scam URL's. One was flagged, but one wasn't. I reported the one not flagged. I definitely ran a full Delete Cache/History/Cookies after that, and added the scam URL's to Block Cookies.

Thank you for your suggestions! I do appreciate them.
newbie
Activity: 38
Merit: 0
October 22, 2017, 10:56:10 PM
#13
Thank you for the replies.

Ethereum seems to be plagued by ponzi schemes, ripoffs, hacks, phishing, etc. Anything I do with ETH will be very low-cost, no more than small fractions of 1 ETH.

I really, truly do not think I clicked a phishing URL. I have been in the practice of typing in URL's directly, and more recently, doing cut and paste. I do the right-click for cut and paste, and make sure that the URL is correct when the site it joined. I am going through my links and making

Yes, Slack is a joke, in my opinion. Absolutely riddled with scams. Plus, the fact that they openly display their scam URL's, in bold type, no less, is quite interesting. If I had clicked on one of those, my sanity needs to be checked.

The positives to take away are that: 1.) I will avoid ETH as much as possible. And, 2.) I will do a hardware wallet for cold storage of any crypto.

And, I still think that using a Private Key for log in is strange, at the very least. I would still say it is dangerous.
full member
Activity: 238
Merit: 105
October 22, 2017, 03:03:13 PM
#12
There's nothing you can do. However, if I were you I'd wipe my computer clean or maybe have TRON script run (look it up on reddit) to search for possible keyloggers. MEW is as safe as it gets, the problem is on your end. From what I gather, since the people affected all seem to have KICK in common, I could imagine a scenario in which you visited a website for this ico that was fake. Or something along these lines. Happens more often than you think and it takes a great deal of care when dealing with these things.
legendary
Activity: 3122
Merit: 1140
October 22, 2017, 02:57:09 PM
#11
Pages:
Jump to: