$150K Stolen From MyEtherWallet Customers in DNS Server Hijacking

Users of MyEtherWallet, a web application for storing and sending ether and ethereum-based tokens, experienced an attack Tuesday in which users of the service lost around $152,000 worth of ether.

The firm was quick to alert users to the danger, tweeting a warning at 7:29 a.m. EDT, within 15 minutes of when the hack began.

Even so, users took to social media to report that they were losing funds.

“Went on to myetherwallet and noticed that myetherwallet experienced [an] invalid connection certification in the corner,” rotistain posted to the wallet’s subreddit around 8:30 a.m. EDT, adding:

“As quickly as I logged in, there was a countdown for about 10 seconds and A tx was made sending the accessible income I experienced on the wallet to a further wallet ‘0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29.’ I have no concept what transpired.”

Micky Socaci, lead developer at BlockBits.io, explained the attack in a post to the ethereum subreddit.

“Do not use myetherwallet.com if you happen to be working with Google Community DNS ( / at this minute,” he wrote, adding: “It appears to be these DNS servers are resolving the domain to a bad server that CAN steal your keys!”

His explanation fits with MyEtherWallet’s assertion that the attack was not on their side. Domain Name System (DNS) servers resolve the domain names in website URLs to the appropriate IP addresses.
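One way to catch a resolver returning a bad address for a domain, as described above, is to compare logged answers from several resolvers against a pinned set of known-good addresses. This is an added example, not part of the original article; the resolver labels, the name wallet.example, the addresses and the log format are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log: "HH:MM resolver name answer". Resolver labels, the
# name and the RFC 5737 documentation addresses are invented for this example.
SAMPLE_LOG = """\
07:00 resolver-a wallet.example 192.0.2.10
07:00 resolver-b wallet.example 192.0.2.10
07:00 resolver-c wallet.example 192.0.2.11
07:15 resolver-a wallet.example 203.0.113.66
07:15 resolver-b wallet.example 192.0.2.10
07:15 resolver-c wallet.example 192.0.2.11
07:30 resolver-a wallet.example 203.0.113.66
07:30 resolver-b wallet.example 192.0.2.11
07:30 resolver-c wallet.example 192.0.2.10
"""

# Assumption: the operator keeps a pinned set of legitimate addresses per name.
KNOWN_GOOD = {"wallet.example": {"192.0.2.10", "192.0.2.11"}}

def parse(log):
    """Yield (time, resolver, name, answer) tuples, skipping blank lines."""
    for line in log.splitlines():
        if line.strip():
            yield tuple(line.split())

def find_suspect_answers(log, known_good):
    """Report answers outside the pinned set, keyed by (resolver, name, answer).
    'isolated' stays True only while every other resolver still returns a
    pinned address, which points at one bad cache, not an owner's change."""
    by_time = defaultdict(dict)  # time -> {(resolver, name): answer}
    for ts, resolver, name, answer in parse(log):
        by_time[ts][(resolver, name)] = answer
    findings = {}
    for ts in sorted(by_time):  # zero-padded HH:MM sorts chronologically
        snapshot = by_time[ts]
        for (resolver, name), answer in snapshot.items():
            pinned = known_good.get(name)
            if pinned is None or answer in pinned:
                continue  # no baseline for this name, or answer is expected
            peers = [a for (r, n), a in snapshot.items() if n == name and r != resolver]
            isolated = bool(peers) and all(a in pinned for a in peers)
            f = findings.setdefault((resolver, name, answer),
                                    {"first": ts, "last": ts, "count": 0, "isolated": True})
            f["last"] = ts
            f["count"] += 1
            f["isolated"] = f["isolated"] and isolated
    return findings
```

A flagged answer is a signal to investigate, not proof of compromise; an invalid TLS certificate on the address it points to, like the warning the Reddit poster saw, is the corroborating check.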

Funds on the move

As of press time, the affected funds are being shuffled around and broken into smaller increments, according to data from blockchain data provider Etherscan.

Initially, the Etherscan block explorer showed 0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29 as having received 179 inbound transactions starting from 7:17 a.m. and totaling 216.06 ether, or approximately $152,000 at the time of writing.

The attacker sent 215 ether to another address, 0x68ca85dbf8eba69fb70ecdb78e0895f7cd94da83, at 10:15 a.m. Since then, the funds have been split further, with increments being divided among various wallet addresses.

According to MyEtherWallet CEO Kosala Hemachandra, “all the DNS servers are resolving back to accurate addresses.”

“But I want to wait around a further [hour] or so,” he added during a conversation on Skype.

Hemachandra explained that the hackers were evidently “substantial plenty of to do a DNS poisoning assault on Google public DNS servers, which made it cache a malicious IP handle for myetherwallet.com.” Google fixed the problem “in a very quick time,” he went on to say.

“It is seriously unlucky, we live in a world where even the most secured internet sites are susceptible to this variety of assaults,” Hemachandra told Bit-coinTalk. “I am sad about this and I hope MEW crew will be equipped to teach customers and persuade them [to] use components wallets and regional versions of MEW

Google’s press office did not immediately respond to a request for comment.
