Click here to view original web page at

Popular Ethereum wallet interface MyEtherWallet (MEW) today suffered a domain name system ‎‎(DNS) hacking that sent users to the wrong servers, exposing their login ‎credentials.‎

MEW users immediately began warning one another on Twitter and Reddit. They said when ‎the user visits the purse site, he will be unnecessarily redirected ‎to a resource similar in design, but created by scammers. When ‎entering a login and password, the site steals funds from user ‎accounts.‎

Posting on Reddit, a user called “rotistain” states that a hacker gained access to his account and stole his balance.

He further wrote: “Woke up today, Put my computer on, went on to myetherwallet and saw that myetherwallet had a invalid connection certificate in the corner. I thought this was odd. . So I double checked the url address, tripple checked it, went on google, got the url . Used EAL to confirm it wasn’t a phisihing site. And even though every part of my body told me not to try and log in, I did. As soon as I logged in, there was a countdown for about 10 seconds and A tx was made sending the available money I had on the wallet to another wallet ” 0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29 “

At least 215 ETH (worth around $150,000) was transferred to a wallet called “Fake_Phishing899 which was then moved to another address.

DNS hacks can allow an attacker to direct a site’s visitors to the wrong IPs. An ‎attacker can collect login credentials for every user authenticating on the false portal.‎

At official Twitter, MyEtherWallet team tweeted that it was researching a DNS issue, but the exact scale ‎of the problem is still not defined.‎ They also confirmed the attack on Reddit and stated it would be several hours ‎before service would be fully restored.‎

Couple of DNS servers were hijacked to resolve users to be redirected to a phishing site. This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap.

One Reddit post noted that with such an attack, funds are at risk, and that API ‎requests and logins could have ended up being redirected to a server hosted by ‎another party.‎

About crypto currency expert

No Comments

Be the first to start a conversation

Leave a Reply

Your email address will not be published. Required fields are marked *

5 × 3 =