Topic: MyEtherWallet has been hacked (Read 166 times)

newbie
Activity: 266
Merit: 0
April 29, 2018, 09:32:34 AM
#5
MyEtherWallet has been hacked through a DNS hijack which transfers users to a phishing site that has already stolen 215 eth, currently worth around $150,000.

Those who used myetherwallet.com through Google Public DNS (8.8.8.8 / 8.8.4.4) had their DNS servers resolving the domain to a bad server that could steal private keys as shown by this invalid certificate:


It is really true. Now that it is being hijacked through DNS, we do not log in first, to keep safe the coins we have collected. This incident is warms; there is no way to overcome it that I know.
newbie
Activity: 71
Merit: 0
April 25, 2018, 02:56:30 PM
#4
Is this new news or still the DNS problem?
We should be good, right, if it still goes to the correct website?
full member
Activity: 756
Merit: 112
April 25, 2018, 09:21:49 AM
#3
What I know ...

MyEtherWallet, one of the main storage platforms of the cryptocurrency ethereum of the internet, suffered a hacking attack in the dawn of this Tuesday (24). According to information from the Cointelegraph, those responsible for the coup - which have not yet been identified - have managed to steal approximately $150,000 in encrypted coins from the accounts of the service customers.

Criminals have used an old (but effective) technique known as BGP hijacking to reconfigure DNS servers and redirect site visitors to a phishing page. The only way to identify the fraud would be to pay attention to the lack of official MyEtherWallet certificate in the visited address, but few Internet users seem to have taken such detail and become victims.

On reddit, a service user commented on how the hit worked. "As soon as I entered, an accountant appeared for ten seconds and a transfer was made by sending all the available money to another wallet," he explained. After examining the case, the EtherScan platform realized that criminals created two different portfolios to execute the robbery before "shutting down" DNS interference.

It seems that the situation has already normalized and MyEtherWallet claims to be investigating the episode to take the necessary action. It is important to emphasize that, if they wanted to, those responsible for the coup could very well use the same feature to deceive users of other sites and web pages; however, so far, the hijacking of BGP does not seem to have affected other services in addition.

Thanks for the clarification. So it is not the Google DNS resolver. This is the reason why I always check that "secured" certificate at the start of every URL now most often. Do you think we are protected from phishing sites if we use hardware wallets?
hero member
Activity: 1085
Merit: 500
hi =D
April 24, 2018, 04:35:06 PM
#2
What I know ...

MyEtherWallet, one of the main storage platforms of the cryptocurrency ethereum of the internet, suffered a hacking attack in the dawn of this Tuesday (24). According to information from the Cointelegraph, those responsible for the coup - which have not yet been identified - have managed to steal approximately $150,000 in encrypted coins from the accounts of the service customers.

Criminals have used an old (but effective) technique known as BGP hijacking to reconfigure DNS servers and redirect site visitors to a phishing page. The only way to identify the fraud would be to pay attention to the lack of official MyEtherWallet certificate in the visited address, but few Internet users seem to have taken such detail and become victims.

On reddit, a service user commented on how the hit worked. "As soon as I entered, an accountant appeared for ten seconds and a transfer was made by sending all the available money to another wallet," he explained. After examining the case, the EtherScan platform realized that criminals created two different portfolios to execute the robbery before "shutting down" DNS interference.

It seems that the situation has already normalized and MyEtherWallet claims to be investigating the episode to take the necessary action. It is important to emphasize that, if they wanted to, those responsible for the coup could very well use the same feature to deceive users of other sites and web pages; however, so far, the hijacking of BGP does not seem to have affected other services in addition.
member
Activity: 322
Merit: 11
April 24, 2018, 03:05:19 PM
#1
MyEtherWallet has been hacked through a DNS hijack which transfers users to a phishing site that has already stolen 215 eth, currently worth around $150,000.

Those who used myetherwallet.com through Google Public DNS (8.8.8.8 / 8.8.4.4) had their DNS servers resolving the domain to a bad server that could steal private keys as shown by this invalid certificate:
