Topic: Solving MEW Security Issues (Read 270 times)

Thank you for your addition. I have added it to the thread.

Good post, but there is one inconvenience if offline or semi-offline MEW is used. You need to manually add your new ERC-20 tokens. Online MEW recognizes them automatically most of the times. Only a small inconvenience while significantly safer usage. I can recommend this semi-offline version, and using a rather old github release (from before devs clash in social media, just to be sure you know folks!).   

@Primal6666

Thank you, your article was very helpfull. I'm sure that it will help to save the money of at least a few people, it's great. I think purchasing Ledger or Trezor will be the best solution.

Thank you. I will be glad if I could help someone save their money or avoid losing them. Thanks for the links, but they are already added. Advice number 3, desktop version.


Yes, i saw somewhere in net an information, that mobile version of firefox works with addons, same as desktop version. You can try and tell us if it really works.


Honestly, I do not know. I consider that all mobile wallets are not safe. As far as I know, the most popular Electrum and Jaxx, also there is Exodus and the Bitcoin Core for Bitcoin. But this is not advice, I repeat, I consider that mobile wallets are not safe.

Very good advice. It will certainly help many people to protect themselves from losing money.
Only to make changes in the "hosts" file, the rights have to be raised to the administrator. This file should be moved to the desktop or to another location, edited with a notepad, save changes and re-moved there as an administrator.

what name for mobile apps wallet, that perform like mew

did u know about imtoken? i inputed my private key there
but im worrying about my ballance there.

and thank for suggestion using metamask
thats help me alot for not input any key in market like forkdelta

thanks for your info guys.. This can help solve the security problems of MEW users who are lately rife with the hijacked issue. it's a good steps to secure ethereum from theft and phising.
Good luck for you

@Marahunter

For transactions you must have some ETH on your wallet, GAS cannot be deducted from tokens.

When sending ERC-20 tokens from the wallet, is it necessary to have ethereum or the gas is automatically deducted from the value of the tokens being transferred?

Metamask extension exclusively for Google Chrome browser? I use Opera-the extension could not be found 

@Primal6666

Nice tips, definietely worth doing regarding latest hacks. If someone wants to have even more security, but can't donwload the whole Ethereum blockchain to run wallet, there is a way to run MEW locally on offline computer and even make offline transactions. Here are the sources how to do it:

https://myetherwallet.github.io/knowledge-base/offline/running-myetherwallet-locally.html
https://myetherwallet.github.io/knowledge-base/offline/making-offline-transaction-on-myetherwallet.html

All I could found about mobile security, added.


Yes it's better than nothing. But best decision still will be to have 1 cold wallet for main funds, and 1 for current operations.


What kind of problem. I have change it and it works perfectly.

Definitely good advice!
Additionally for advice #1: 
0: ALWAYS backup your hostfile before editing, so you can revert changes.
1. (for mac): https://www.imore.com/how-edit-your-macs-hosts-file-and-why-you-would-want

Thank you for telling me how to solve the problems that are going on with Myetherwallet.
I used to use metasmask, so is it safe to use Metamask?

thanks for the instructions. but can not CloudFlare be attacked? editing hosts file is better

I found new dns 1.1.1.1 by cloudflare but i have problem and change to auto.

Thank you for the information. It will be a great help.

Thank you for your suggestion. But that way only applies to desktop or laptop, how to its mobile version? Do you have any suggestions?

Couple advice of Solving MEW Security Issues:

Desktop versions.

1. From here Translation from Russian Thread

Time has come to abandon the DNS service and go straight to the sites.

To do that, open C: \ windows \ system32 \ drivers \ etc
open the hosts file and add to the end, lines
104.20.225.58 etherdelta.com
52.85.242.126 myetherwallet.com
then close and save the file

After that, your browser will go to the site strictly at the specified IP address

Additionally for advice #1:  From Naficopa

Additionally for advice #1:  From CryptRoller

2. People who use Google DNS servers, could change it to CloudFlare DNS servers.

Here are they. CloudFlare  About CloudFlare DNS Security: link

3. Use Offline Version of MEW, it will use internet connection only to make transactions. How to do that read here.

Additionally for advice #3:  From crypto_bit


4. Instal Metamask or EtherAddressLookup, it will warn you if you go to a malicious website. Or buy Ledger, or Trezor. Its better to spend ~200 $ than to loose all your funds.

5. Here is some little tips from MEW, how to protect yourself. Link.


For mobile versions:

1. Use only high-quality wallets from well-known manufacturers. Read reviews. Remember that some wallets are exchanges and do not have cold storage, it's not safe. Always print a paper version of the wallet in order to be able to restore the wallet in case of loss, breakdown of the mobile device.

2. Use quality, guard apps for your mobile device.

3. It is best to have a mobile wallet for running costs, and the main funds to keep in a cold wallet.

4. There is information that you can install a metamask to your mobile phone using the mobile version of the firefox. (not exact)

5. You should turn on twofactor authentification if its able in your wallet.

6. For the security of cryptocurrency, it is possible to attract third parties. To do this, you need to create a multi-signature wallet, that is, with the possibility of verifying the transaction by several parties. "Most of the wallets of online exchangers and crypto exchanges have a mono signature, that is, the owner himself confirms the transfer of funds to someone else's account. If you open a wallet with a multi-signature, the transaction must be confirmed by a third party.

You can read about it here: https://bitcointalksearch.org/topic/which-multisig-wallets-in-android-3022369

7. When using the mobile Internet, in the wi-fi settings, you can set a static IP address and configure alternative DNS servers.
 Use free wi-fi in public places for financial operations NOT SAFE!


I wish you good luck and to be safe.
If you have any other suggestions or tips, write it, i will add them.