Hackers Stole $150 000 from MyEtherWallet

Published on 25 Apr. 2018
01  2

DNS of the website MyEtherWallet was compromised by the hacker who stole more than $150 000 in Ether from about hundred of different wallets during the complex phishing attack.

Yesterday, MyEtherWallet and its users became the victims of the complex hacker attack that included the capturing of the domain name service of the website.

According to the Reddit publication, people who used public DNS-servers were receiving a false IP-address for the website MyEtherWallet. Instead of directing to the ordinary address CloudFront, they were redirected to the Russian IP-address, where the web-server was running. When they opened the website, they saw something that imitated MyEtherWallet and prompted them to enter their private wallet keys.

The address of the hacker’s Ethereum wallet was detected and marked “Fake_Phishing899” on the Etherscan – the service that allows people to pull out the addresses from the Ethereum blockchain and find the information on their transactions.

180 transactions were carried out with this address, including the withdrawal of 215 ETH (~$150,000), that afterward were distributed among several other addresses. Maybe, the money was laundered through other cryptocurrencies.

Reddit users reacted to the threat, suggesting using the offline-version of the website or download MyEtherWallet or Parity from the Github for the full node. However, both these measures are preventive. There is no way present victims could return their losses.

The advanced form of phishing affected more than hundred people, exceeding all previous events connected with the website. During another phishing attack in October last year, hackers received $15 000 in Ether during two hours of the untargeted phishing campaign on the email. 

What concerns the present attack it could have been easily prevented if one looked at the address line with the green lock and “MyEtherWallet Inc (US)” on it. It shows that the website you want to visit has OV or EV-certificate which is almost impossible to reproduce and belongs to MyEtherWallet.

While the majority of the websites have the word “Secure” together with a green lock, which shows the domain verification certificate (DV-certificate), MyEtherWallet and the developers of other financial apps have made a step further and received the organizational (OV) or expanded verification (EV), which indicate that the checked organization is responsible for the domain.

More news

ATLANT Platform: Major Alpha Release

London, UK., Sep 3, 2017 /ATLANT/ —The  ATLANT team today released its alpha v0.1 encompassing a substantial part of the ATLANT Platform framework. ATLANT is a real estate platform built on the blockchain, specializing in tokenization of real estate and decentralized P2P rentals

04 Sep. 2017

Viberate: Revolution in the Live Music Industry

Decentralized platform Viberate provides a possibility for all willing to invest into the development of the live music industry. Crowdsale of the project that can disrupt this industry starts on September, 5.

24 Aug. 2017

The ICO of the Decentralized Ecosystem of Domain Names “Nametoken” Has Started

On August 1, 2017, the crowdfunding campaign of Nametoken has been launched. The aim of the project is the development of the platform for investing into Internet-domain names. Investors and traders will be able to profit from registration, parking, listing, buying and selling of domain names.

08 Aug. 2017