Hackers Steal $152,000 from MyEtherWallet Users


Thieves have made away with $152,000 worth of Ether in the latest hacking targeting cryptocurrencies. This time, the target was with attackers taking advantages of vulnerabilities in the DNS system to redirect users to a phishing site, data from Chainalysis shows.

The redirection happened for two hours before it was detected. Oracle was the first to take note of the breach. Traffic was redirected to a Russian server under the control of hackers.


DNS is a directory service that associates user-friendly domains to numerical IP addresses containing certain computer services. DNS attacks take advantage of the back and forth communication between clients and servers redirecting them to rogue websites where passwords and other information are stolen. The technique has been in existence for a long time.

“It is our understanding that a couple of Domain Name System registration servers were hijacked at 12 PM UTC to redirect myetherwallet[dot]com users to a phishing site, a statement from MyEtherWallet on Reddit said.

Decade-Old Technique

“This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system. It can happen to any organization, including large banks. This is not due to a lack of security on the @myetherwallet platform. It is due to hackers finding vulnerabilities in public-facing DNS servers,” it added.


MyEtherWallet says the attack mostly affected users using Google DNS Servers. “We recommend all our users to switch to Cloudflare DNS servers in the meantime.”

DNS attacks are not that uncommon. Major sites like Facebook and even Google have been affected. A similar attack targeting digital tokens saw the loss of over $400,000 worth of Stellar Lumens in January.

Affected users likely ignored an SSL certificate warning, MEW says. Users are warned to “PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before using MEW.”

Rate this post

Add Comment

Investing is speculative. When investing your capital is at risk. This site is not intended for use in jurisdictions in which the trading or investments described are prohibited and should only be used by such persons and in such ways as are legally permitted. Your investment may not qualify for investor protection in your country or state of residence, so please conduct your own due diligence. This website is free for you to use but we may receive commission from the companies we feature on this site. Click here for more information.