Hackers Steal $152,000 from MyEtherWallet Users

Thieves have made away with $152,000 worth of Ether in the latest hacking targeting cryptocurrencies. This time, the target was MyEtherWallet.com with attackers taking advantages of vulnerabilities in the DNS system to redirect users to a phishing site, data from Chainalysis shows.

The redirection happened for two hours before it was detected. Oracle was the first to take note of the breach. Traffic was redirected to a Russian server under the control of hackers.

Ethereum

DNS is a directory service that associates user-friendly domains to numerical IP addresses containing certain computer services. DNS attacks take advantage of the back and forth communication between clients and servers redirecting them to rogue websites where passwords and other information are stolen. The technique has been in existence for a long time.

“It is our understanding that a couple of Domain Name System registration servers were hijacked at 12 PM UTC to redirect myetherwallet[dot]com users to a phishing site, a statement from MyEtherWallet on Reddit said.

Decade-Old Technique

“This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system. It can happen to any organization, including large banks. This is not due to a lack of security on the @myetherwallet platform. It is due to hackers finding vulnerabilities in public-facing DNS servers,” it added.

MyEtherWallet

MyEtherWallet says the attack mostly affected users using Google DNS Servers. “We recommend all our users to switch to Cloudflare DNS servers in the meantime.”

DNS attacks are not that uncommon. Major sites like Facebook and even Google have been affected. A similar attack targeting digital tokens saw the loss of over $400,000 worth of Stellar Lumens in January.

Affected users likely ignored an SSL certificate warning, MEW says. Users are warned to “PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before using MEW.”

FOREX.com
Trade on popular Crypto markets
Go long or short on cryptos from 10p a point
A trading partner you can trust
Start Trading
Forex trading involves significant risk of loss and is not suitable for all investors.
LonghornFX
The broker offers access to a trusted MetaTrader trading system
Pricing is ensured to be completely transparent, also providing accuracy and speed.
Trade a Wide Variety of Assets with Leverage up to 1:500
Start Trading
CEX.IO
Margin Trading
Legal compliance
Cryptocurrency staking
Start Trading