MyEtherWallet Hacked using Google DNS redirect phishing trick by Russian hackers

This time again, there is a massive concern, tears and financial loss in the crypto world. One of the most popular web-wallet hosting service MyEtherWallet was hit by a couple of DNS servers hijack attacks by the Russian hackers.

MyEtherWallet (MEW), confirmed the attack via a tweet this morning that:

“A couple of Domain Name System registration servers were hijacked around 12 PM UTC 24 April to redirect users to a phishing site.”

MEW stated that all the visitors to the site were not hit during the hijack, but a majority of users who had been using Google DNS servers were affected.

The reports from MyEtherWallet read:

“We are currently in the process of verifying which servers were targeted to help resolve this issue as soon as possible,”

Subsequently, to not take any chances further, people using MyEtherWallet (MEW) are requested by the company to switch to Cloudflare DNS servers. Besides, the company confirmed that it had its website fully-secured and everything is under control now.

Not only MEW, Google, PayPal, Wikipedia, Microsoft and even banks have also been hit by similar hacks before.

The hackers don't seem to have compromised MEW itself. However, they aimed at hitting the infrastructure of the internet as they intercepted DNS requests for http://myetherwallet.com. To illustrate, the attackers made their Russian servers seem look like the owner of the address.

Now, MEW is a trusted and well-used service, that's why it's pretty hard to measure the impact of this attack. Understandably, the company is still collecting the information about what exactly happened. Also, the company is working to resolve the remaining issues.

If we talk about the figures, hackers got away with almost $152,000 worth of Ether or 216 Ether, as per reports from Coindesk. However, the exact value could be slightly higher when we reach to the detailed reports soon. The news also came that a fraud tracker identified the two wallets used in the hack, leading to a larger holding wallet that what the company itself reported. As per the fraud tracking firm, attackers appear to have taken at least $365,000 or 520 Ether at yesterday’s price of $700 per ETH.

So as it seems, no matter what the company says, the actual amount stolen is still higher. And who knows even if the fraud tracker might also be at its innitial estimates, as judging by the wallet activity, hackers might have stolen $17 million worth of Ether. I’m not 100% sure that the attackers carried away $17 million, but it is likely possible, that they might be using other digital wallets which haven’t been tracked yet.

An obvious lesson that this Ethereum hack teaches is, crypto wallet customers, as well as internet users, should always check that the SSL of a website in general, along with the use of hardware like Ledger and Trezor when dealing with private information.

MEW representatives issued a statement, in a Reddit post directed towards the MyEtherWallet community:

“Users, PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before making any transactions. We advise users to run a local (offline) copy of the MEW (MyEtherWallet). We urge users to use hardware wallets to store their cryptocurrencies.”

In February, Taylor Monahan, Ex co-founder of MEW, stated that:

“Those looking for an alternative to MEW could turn to MyCrypto” while launching a similar service.

Instead of holding users crypto or information, the site (MyCrypto) allows the users the checking of their accounts and aids transactions through blockchain, after which they are carried to the intended recipient.