On April 24, 2018 the prevalent Ethereum wallet MyEtherWallet endured a phishing attack on its Public DNS. An attack on the DNS (domain name system) took the wallet clients onto some unseemly servers that resulted in the leakage of their login credentials.
MyEtherWallet confirmed the hack in an official statement on Reddit.
“It is our understanding that a couple of Domain Name System registration servers were hijacked at 12PM UTC to redirect myetherwallet[dot]com users to a phishing site. This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system”
So what exactly happened?
Hackers misused vulnerabilities in two fundamental internet protocols that route internet traffic around the globe, the Border Gateway Protocol (BGP) and the Domain Name System (DNS). Such attacks are common, but in this attack hackers influenced services from Amazon, Google, and major internet service providers in the process. Security specialist Kevin Beaumont called it the biggest assault of its kind he has seen. MyEtherWallet clients saw something fishy when they visited wallet’s site and got a warning saying it was utilizing an invalid security certificate. One client on Reddit revealed seeing the warning, yet continuing to sign in at any rate since the site address and everything else about the administration gave off an impression of being fine. In the wake of signing in, a 10-second clock showed up, checking down to the wallet’s assets being exchanged out to the hacker. “I have no idea what happened,” Reddit user Rotistain posted.
The traffic of MyEtherWallet.com, a cryptocurrency website was redirected to a server hosted in Russia by hackers. They used a fake certificate and also stole the cryptocoins. The following tweet from Oracle Internet Intelligence which monitors the performance of internet is showing the routes of traffic.
BGP hijack this morning affected Amazon DNS. eNet (AS10297) of Columbus, OH announced the following more-specifics of Amazon routes from 11:05 to 13:03 UTC today:
205.251.192.0/24
205.251.193.0/24
205.251.195.0/24
205.251.197.0/24
205.251.199.0/24— InternetIntelligence (@InternetIntel) April 24, 2018
Within two hours, MyEtherWallet had issued a declaration recognizing that its clients had been diverted to a fake site (though mistakenly relegating fault to hijack of Google DNS rather than Amazon DNS):
Correction: the BGP hijack this morning was against AWS DNS not Google DNS. https://t.co/gp3VLbImpX
— InternetIntelligence (@InternetIntel) April 24, 2018
Message from MyEtherWallet
MEW has advised clients to run a local copy of MEW. Since a majority of targeted users were using Google DNS servers, it has advised users to move to Cloudflare DNS servers. It has also asked users to make sure there is a green bar SSL certificate that says “MyEtherWallet Inc” before using MEW.
Amazon AWS say:
This issue was caused by a problem with a third-party Internet provider. The issue has been resolved and the service is operating normally.
Nexo - Your Crypto Banking Account
Instant Crypto Credit Lines™ from only 5.9% APR. Earn up to 8% interest per year on your Stablecoins, USD, EUR & GBP. $100 million custodial insurance.
It is super easy to buy Ethereum. Just take a look at our exchange comparison!
Trading Bitcoin is too complicated?
We highly recommend our Crypto-Starter-Kit to you!
Or are you looking for the current Bitcoin Price in USD? Look no further!
Bitcoin Price, Ethereum Price, Ripple Price
This post may contain promotional links that help us fund the site. When you click on the links, we receive a commission - but the prices do not change for you! :)
Disclaimer: The authors of this website may have invested in crypto currencies themselves. They are not financial advisors and only express their opinions. Anyone considering investing in crypto currencies should be well informed about these high-risk assets.
Trading with financial products, especially with CFDs involves a high level of risk and is therefore not suitable for security-conscious investors. CFDs are complex instruments and carry a high risk of losing money quickly through leverage. Be aware that most private Investors lose money, if they decide to trade CFDs. Any type of trading and speculation in financial products that can produce an unusually high return is also associated with increased risk to lose money. Note that past gains are no guarantee of positive results in the future.
You might also like
More from Blockchain For Dummies
The Seven Deadly Sins Of Cryptocurrency Investing
The next bull season is almost upon us. Its just only 3 months remaining until the next Bitcoin halving and …
How to Use Dash Cryptocurrency?
The Dash (DASH) cryptocurrency is a highly developed and widely adopted crypto-asset. Its prominent features are instantly settled transactions, near …
How to Buy Cardano (ADA)?
Cardano (ADA) is a relatively new entrant in the cryptocurrency arena being first launched in October 2017, however it has …