Pages:
Author

Topic: MyEtherWallet Hacked - page 3. (Read 2264 times)

hero member
Activity: 1568
Merit: 511
October 22, 2017, 10:59:55 AM
#10
Before i giving my POV, to the answer of OP

1) Yes, MEW is hackable, but likely impossible at the same. Regardless of what, private key is still a combination of characters, it just the matter of time people spent to find the EXACT same characters as your private key.

My take here:

It seems that that hacker "only steal KICKcoins and ETH" from the account, one of the hacked account/perhaps its owner account here
https://etherscan.io/address/0xe34c1d62e02c7cf5f729f439b5c7b77faa59a688#tokentxns

As you can see this account has Everex which is worth $240
But only Kickcoins is withdrawn, The hacker Withdraw coins that doesn't even have a value currently.

So i suspect you clicked into some Hijacked Phishing Site. Once you upload your Priv key.
It auto access your account
Check Balance of ETH = True, Withdraw
Check Balance of KickICO = True, Withdraw

And based on what you have said, after transferring the hacked Kickcoin, they transfer it again to this address
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

Based on all these information, i strongly believe you clicked into one of the fake MEW Site.

Because if you actually take a look at this address: https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns
Then check the tab "Tokens Transfer"

You can see each of the coins, are transferred by different Ethereum Account.

If you actually join slack, you would know recently it has tons of fake bots which spread fake message and tons of people getting phished.

However, this is all just speculations.
This address: https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns could be someone else address, perhaps its an exchange or so. I doesn't have a good reverse tracking skills, but these is all what i can find

Just to check out, did you receive email, message or etc that stated your account is compromised, hijack or anything?
legendary
Activity: 1624
Merit: 2481
October 22, 2017, 09:17:41 AM
#9
Questions:
Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.
Thank you for your time and assistance with this. I appreciate it!


MyEtherWallet is not vulnerable to hacking. This is probably the crucial point:

I only log on directly to http://www.myetherwallet.com


You should always use https instead of http. If you really used http there is a small chance of a Man in the Middle attack where the attacker
is between you and the real MEW, reading your keyfile/password/whatever you used because it was not encrypted with TLS.
Thats not a security flaw by MEW. Thats the reason you are encrypting sensible information with TLS (https protocol).

hero member
Activity: 1022
Merit: 517
October 22, 2017, 05:20:27 AM
#8
This is for sure a matter of big concern. I thought MEW was very safe. Better to buy a Ledger NANO then?

Safe or not also depending on yourself, I think this issue happened because OP was visiting a phishing link which stole his private key. It means we should be very careful in this online world. There are many myetherwallet users get hacked because of the phishing link, they key to be safe is on the users. Otherwise, it will be useless even if you ledger nano if you cant keep your own safety.
full member
Activity: 352
Merit: 100
October 22, 2017, 05:07:09 AM
#7
This is for sure a matter of big concern. I thought MEW was very safe. Better to buy a Ledger NANO then?
hero member
Activity: 840
Merit: 502
October 21, 2017, 09:37:29 PM
#6
OP The fact that you state that several other users with the same token were victims of this makes me think that this was not a general attack against myetherwallet and that this was a targeted attack to those that held those coins, I think you were the victim of a virus, by your post you seem to be using windows or some other insecure OS, I will recommend that you stop using that and use a Linux install for all your sensitive transactions from now on.
hero member
Activity: 3080
Merit: 603
October 21, 2017, 01:45:31 AM
#5
Also, with the place where I keep my passwords, I include the web address for the financial institution, like http://www.myetherwallet.com. So, every time I log in to a financial institution, I open a new browser tab. Then, I cut and paste that address into the new tab. Then, I proceed to enter my information. Even when I get verified emails from the financial institutions I do business with, I do not click on the links in those emails.

I have some doubts with this, have you heard about this malware http://wyzguyscybersecurity.com/copy-paste-malware/ many has come out to be a victim of this. I didn't experienced this malware but this can be another cause of it.

I wrote an extensive email to MEW, but do not know if I will hear back. Do you know if anyone hears back from MEW on support requests?

Yes, you just have to wait for it and tell us if they did ever reply to your problem.


Thank you for your help on this. I appreciate it.
Don't mention it.
sr. member
Activity: 518
Merit: 278
October 20, 2017, 09:53:47 PM
#4
Do you still have access to the computer you used to sign in to your MEW? If you have, can you review its history and look for the site you open which you think is MEW. Because if I'm not mistaken, you're likely to be a victim of a phishing attack and not aware that you've used a similar URL with that of MyEtherWallet.com. If this is the case, and you notice that you did use a phishing URL, then copy that URL and report it here: https://etherscamdb.info/report/. Include the screenshot of the wallet who stole your ETH and tokens and add whatever additional details you can impart to them so they can act and if possible, retrieve your funds.

Also, install this Chrome extension (if you're using Chrome for browser): https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn

This will give you a warning if the ETH address is used before for phishing activities or if it is blacklisted so you can avoid transacting with it or transferring anything to it.
newbie
Activity: 38
Merit: 0
October 20, 2017, 06:47:23 PM
#3
No. Even though I have only been in crypto for less than two months, I am very protective of my financial data. I immediately kept my Private Key locked away. Like a Hardware Wallet, I keep all important data like that locked away. I know to never share that with anyone. I was even hesitant, at first, to share my regular crypto addresses, until I researched it and understood that you couldn't access a wallet with just that.

Also, with the place where I keep my passwords, I include the web address for the financial institution, like http://www.myetherwallet.com. So, every time I log in to a financial institution, I open a new browser tab. Then, I cut and paste that address into the new tab. Then, I proceed to enter my information. Even when I get verified emails from the financial institutions I do business with, I do not click on the links in those emails.

I have quickly learned how dangerous Private Keys are. Why MEW insists on using them to log in with is beyond me. With Private Keys being hidden on Custodial Accounts like Coinbase, etc. and being locked away on Hardware Wallets, why would MEW use them to log in with?

MEW certainly seems to be hackable. I would absolutely not use it for anything but for transitory usage. So, if you want to use it for tokens, only transfer the ETH you need to for that token purchase. Then, when the tokens are deposited, get them out of there as soon as possible to a Hardware Wallet.

I wrote an extensive email to MEW, but do not know if I will hear back. Do you know if anyone hears back from MEW on support requests?

Thank you for your help on this. I appreciate it.
hero member
Activity: 3080
Merit: 603
October 20, 2017, 06:07:49 PM
#2
Well if you never visited MEW lookalike website, possibly that someone knows your private keys. Have you ever written your private keys on the web/email address? And what possible happened was someone has breached and got those private keys you have kept on your email and he just accessed it without you noticing it. Better not to use the same address anymore and sorry for your loss.
newbie
Activity: 38
Merit: 0
October 20, 2017, 05:24:15 PM
#1
I have very serious concerns with the security, or the lack of security, of MyEtherWallet.

The only wallet I know of that will transact in ICO Tokens is MyEtherWallet. Every ICO I have ever come across says to use MyEtherWallet.

I have had problems using MyEtherWallet. I will access it with the information that only I have access to. There are times that my balance will not show. I have to come back later to access the wallet so I can see my balance.

Now, the 1.5 ETH and 3000 KICK Tokens I had in there look like they are gone. I have accessed Etherscan and both my ETH and my Tokens were withdrawn to this address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be

Etherscan: https://etherscan.io/address/0x88404e743442886f04443c2624917df46d2deef5

Ethplorer: https://ethplorer.io/address/0x88404e743442886f04443c2624917df46d2deef5

You can see that whoever this person is, they have grabbed many KICK tokens from many addresses: https://etherscan.io/address/0xf7860ea76a36ee83abb7f88d3c773f0440e178be#tokentxns

Also, you can see that the address the KICK tokens were withdrawn to has taken in tons of other kinds of tokens:
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

And, yes, I don't know if I should be posting this transactional information on here, but what does it matter? Everything has been taken out of my wallet.

Questions:

Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.

But, still, my ETH and Tokens are gone to that address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be And, I am guessing I have zero recourse. Is that correct? Can anybody just hack into something like MyEtherWallet and take your coin and tokens?

Thank you for your time and assistance with this. I appreciate it!
Pages:
Jump to: