MyEtherWallet hacked: $150 000 in crypto taken in DNS scam

in #cryptocurrency, 7 years ago
It's not crypto unless we're close to the brink of excellence or absolute chaos. In this market, you really need to take the good with the bad, and if you've been around long enough you should have plenty of battle scars to prove that this is true.

The crypto market was dealt yet another blow this week after MyEtherWallet (MEW), one of the most popular ERC-20 wallets on the internet, was hit by a DNS hack that saw some users lose their cryptocurrency.

Myetherwallet.jpg
Image Credits: Jon Russell / Flickr

What MEW had to say

MEW said in a statement that “a couple of Domain Name System registration servers were hijacked around 12PM UTC 24 April to redirect users to a phishing site.” Not all visitors to the site during the hijack were impacted, but MEW said that “a majority” of those who were had been using Google’s DNS.

“We are currently in the process of verifying which servers were targeted to help resolve this issue as soon as possible,” the company added, confirming that it has since secured its website. The company recommends those who had used Google DNS to switch to Cloudflare’s.

MEW response on Twitter

1/5 Google Domain Name System registration servers were hijacked earlier today at roughly 12PM UTC so that MEW users were redirected to a phishing site. This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system.

— MyEtherWallet.com (@myetherwallet) 24 April 2018

Not isolated to cryptocurrency

This is by no means an issue isolated to crypto: country-specific versions of Microsoft, Google and PayPal, and even banks, have been hit by similar attacks before. While it may hurt some consumers now, it's a small price to pay for additional security for the entire network.

MEW remains secure, as strange as that sounds

An incident like this doesn’t compromise the site directly; in the case of MEW, it was actually a phishing scam. The hackers led some users of the service to insecure websites that aren’t MEW. From there, those who entered private key information without realizing they had been phished risked having their data snagged by the attackers on the other side.

What we've learned from this hack

With users providing the critical information, the attackers could gain access to their account and drain its contents. This is a very good example of why people are advised to never enter private keys manually, and why secure hardware is highly recommended.

It’s hard to quantify the impact of an attack like this because MEW is such a well-used and trusted service, while MEW said it is still gathering information on exactly what happened.

Coindesk reports that $150,000, or 216 Ether, was taken, but the figure is likely higher. One fraud tracker identified two wallets (here and here) used in the attack, and they lead to what looks like a holding wallet (here) that collected more than 520 Ether today. That would be around $365,000 at today’s price of $700 per ETH.

The actual amount taken could be higher still. The holding wallet leads to a larger wallet, which has a balance of more than $17 million in Ether and a constant stream of incoming transactions. That’s not to say that $17 million was stolen — that isn’t likely — but the attackers could be using other wallets which haven’t yet been tracked but eventually lead to this larger one.

What are your alternatives

Beyond using hardware like Trezor or Ledger, crypto wallet users (and internet users in general) should check that the SSL certificate of a website (shown to the left of the domain name in the browser bar) is secure when they are dealing with private information. They should also make sure they are not redirected to any URL other than the original URL of the wallet, and should not trust any pop-ups or interstitials.

Advice from the MEW team

“Users, PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before making any transactions. We advise users to run a local (offline) copy of the MEW (MyEtherWallet). We urge users to use hardware wallets to store their cryptocurrencies,” it said in a Reddit statement.
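
The certificate check MEW describes can also be scripted. The following is an added example, not code from MEW or from this post: it inspects a certificate in the dict shape Python's `ssl` module returns and reports whether the organisation field matches the "MyEtherWallet Inc" name quoted above. The hostname `www.myetherwallet.com` and both sample certificates are constructed for illustration.

```python
import socket
import ssl

EXPECTED_ORG = "MyEtherWallet Inc"   # organisation name quoted in MEW's advice


def subject_field(cert, field):
    """Return the first value of `field` in a getpeercert()-style subject."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == field:
                return value
    return None


def san_dns_names(cert):
    """DNS names in subjectAltName (exact names only, wildcards not expanded)."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]


def check_cert(cert, hostname, expected_org=EXPECTED_ORG):
    """Return a list of problems; an empty list means the cert matches."""
    problems = []
    org = subject_field(cert, "organizationName")
    if org is None:
        problems.append("no organisation in subject (domain-validated only)")
    elif org != expected_org:
        problems.append(f"organisation is {org!r}, expected {expected_org!r}")
    if hostname.lower() not in san_dns_names(cert):
        problems.append(f"{hostname} not listed in subjectAltName")
    return problems


def fetch_cert(hostname, port=443, timeout=5):
    """Fetch the peer certificate; raises ssl.SSLError if the chain is untrusted."""
    ctx = ssl.create_default_context()          # verifies chain and hostname
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()


# Constructed sample certificates in the dict shape getpeercert() returns.
GOOD = {"subject": ((("countryName", "US"),), (("organizationName", "MyEtherWallet Inc"),),
                    (("commonName", "www.myetherwallet.com"),)),
        "subjectAltName": (("DNS", "www.myetherwallet.com"), ("DNS", "myetherwallet.com"))}
DV_ONLY = {"subject": ((("commonName", "www.myetherwallet.com"),),),
           "subjectAltName": (("DNS", "www.myetherwallet.com"),)}

if __name__ == "__main__":
    for name, cert in (("GOOD", GOOD), ("DV_ONLY", DV_ONLY)):
        print(name, check_cert(cert, "www.myetherwallet.com") or "ok")
```

For a live check, pass the result of `fetch_cert(hostname)` to `check_cert`; a certificate that does not chain to a trusted CA makes `fetch_cert` raise before any field is compared.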

What are your alternatives

Those looking for an alternative to MEW could turn to Metamask or MyCrypto, which was started in February by a former MEW co-founder and offers a similar service. Neither site holds users’ crypto or information; instead, they allow the checking of accounts and enable transactions to be sent to the blockchain, after which they are ferried on to the intended recipient.

Have your say

Are you a MEW user? Have you since moved your funds to a new wallet? Will you be sticking with MEW? How safe do you feel your crypto is in a hot wallet? I'd love to hear your comments so drop them below and smash that upvote button :)

Let's connect

If you want to hear more on my opinion on cryptocurrency and the current market then follow me @chekohler
