coincentral-main-menu-search-eyeglass
Hamburger X.

My Ether Wallet Suffers Phishing Attack After Hackers Hijack Google Public DNS

phish 2

Google Public DNS Hijacked, MEW Users Lose Funds

On April 24, 2018 the popular Ethereum wallet MyEtherWallet suffered a phishing attack on its Google Public DNS.  Some 515 ETH ($360,500) has been stolen as a result of the hack.

One Reddit user on r/myetherwallet, u/rotistain, alerted other community members of the hack this morning.  Upon waking up, rotistain accessed myetherallet.com only to notice that the link had an invalid connection certificate, labeling the site as not secure.  Proceeding anyway, rotistain used a private key to log in and was greeted with “a countdown for about 10 seconds and A tx [that sent] the available money [he] had on the wallet to another wallet.” 

Soon after this post, a handful of posts on r/cryptocurrency, r/ethereum, and r/ethtrader surfaced to warn other users of the security breach. Before the initial post on r/myetherwallet, Dent’s Twitter account tweeted a warning that Google’s DNS was returning the wrong IP for the website, as well as displaying the same invalid SSL that rotistain mentioned.

According to the multitude of Reddit posts, the faulty IP address and name server are Russian in origin. Users also tracked the filched funds back to two wallet addresses, one of which the MyEtherWallet team has labelled as Fake_Phishing899 in response to the attack.  At press time, funds have been moved from these addresses, split up, and scattered through a variety of fresh wallets to obscure their allocation.

While they have yet to corroborate the origin of the hack, the MyEtherWallet team did confirm on Twitter that a “[couple] of DNS servers were hijacked.”  The team claims that the security breach was not a result of vulnerabilities on myetherwallet.com and that they are working on resolving the issue immediately.

As with past phishing attacks that have targeted Ethereum-powered wallets or exchanges, the hacker(s) could only compromise accounts whose users entered their private keys on the fake website. As such, if you attempted to access MyEtherWallet at the time of the attack with a hardware wallet or MetaMask, your funds would be safe. Additionally, as the phishing attack hijacked the wallet service’s Google Public DNS, some users who accessed myetherwallet.com from another one of its domain name server hosts wouldn’t have run into issues.

NEWSLETTER

Newsletter (Sidebar)

  • This field is for validation purposes and should be left unchanged.

RELATED ARTICLES

cloud mining

Is Cloud Mining More Profitable than Bitcoin Mining Hardware?

In this article, we compare the costs and ROI potential of cloud mining and bitcoin mining hardware....

Read More

Iran Close to Shifting Rial to Digital Currency Due to Sanctions

Iran is about to launch its Rial digital currency, which is being developed by the Informatics Services...

Read More
Binance bull run

Binance CEO CZ Predicts a Crypto Market Bull Run

Binance CEO Changpeng Zhao, also known as CZ believes that a crypto market bull-run is inevitable. He...

Read More

NEXT ARTICLE

Getting Started Gold Bars.

NEXT ARTICLE

Iran Close to Shifting Rial to Digital Currency Due to Sanctions

Iran is about to launch its Rial digital currency, which is being developed by the Informatics Services Corporation. According to the agency’s CEO, Seyyed Abotaleb Najafi, the coin will support…

ABOUT THE AUTHOR

Getting Started Gold Bars.

ABOUT THE AUTHOR

Colin is a freelance writer and crypto-enthusiast based in Nashville, TN. When he’s not speculating crypto futures, he’s probably letting his hair down and/or heading to a music festival–because stereotypes exist for a reason.