My Ether Wallet Suffers Phishing Attack After Hackers Hijack Google Public DNS

Lloyd Doyle
April 25, 2018

The attackers used BGP to reroute traffic to Amazon's Route 53 service, the largest commercial cloud provider, using a man in the middle attack using a server at Equinix in Chicago, he explained.

The hijack affected 1,300 internet protocol addresses hosted by AWS for approximately two hours from around 7 a.m. EDT, with the attackers redirecting traffic to sites they own for the period.

"The attackers appeared to use one server masquerading as cryptocurrency website to steal digital coins from unwitting end users", reports Dan Goodin in Ars Technica. MyEtherWallet officials said the hijacking was used to send end users to a phishing site...

"This is not due to a lack of security on the @myetherwallet platform", the company said on Reddit. What is clear, though, is that the attackers already have a large holding of Ethereum, with a wallet linked to the attack showing a balance of more than $17 million. Before the initial post on r/myetherwallet, Dent's Twitter account tweeted a warning that Google's DNS was returning the wrong IP for the website, as well as displaying the same invalid SSL that rotistain mentioned. "We recommend all our users to switch to Cloudflare DNS servers in the meantime", the statement added.

The company added that it is now in the process of verifying which servers were targeted to resolve this issue.

In addition to storing funds in a hardware wallet, they said that users should download and run an offline copy of MyEtherWallet, which can be obtained from the company's code repository on GitHub. Always look for the green SSL Certificate next to the address. This would indicate that the site you're visiting has an OV or EV certificate (which is virtually impossible to replicate) belonging to MyEtherWallet.

We greatly appreciate your patience and understanding as we try to fight against this criminal phishing attack. Competitors would have been subjected to the hack, due to MEW integration, but KeepKey remains the only hardware solution that supports ERC-20 tokens natively.

Other reports by Iphone Fresh

Discuss This Article