Hijack of MyEtherWallet

in my •  6 years ago 

⅗ Majority of those affected were using Google DNS servers. Affected users likely clicked the "ignore" button on the SSL warning that pops up when visiting a malicious site imitating MEW. MAKE SURE there is a green bar SSL certificate that says “MyEtherWallet Inc [US]”

It appears that Amazon's DNS servers were hijacked in a malicious attack which affected MEW.

https://doublepulsar.com/hijack-of-amazons-internet-domain-service-used-to-reroute-web-traffic-for-two-hours-unnoticed-3a6f0dda6a6f

Official statement regarding DNS spoofing of MyEtherWallet domain
enviado hace 5 horas * por kvhnukeMEWForce

It is our understanding that a couple of Domain Name System registration servers were hijacked at 12PM UTC to redirect myetherwallet[dot]com users to a phishing site.

This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system. It can happen to any organization, including large banks. This is not due to a lack of security on the @myetherwallet platform. It is due to hackers finding vulnerabilities in public facing DNS servers.

A majority of the affected users were using Google DNS servers. We recommend all our users to switch to Cloudflare DNS servers in the meantime.

Affected users are likely those who have clicked the "ignore" button on an SSL warning that pops up when they visited a malicious version of the MEW website.

We are currently in the process of verifying which servers were targeted to help resolve this issue as soon possible.

A message to our MEW community:

Users, PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before using MEW.

We advise users to run a local (offline) copy of the MEW (MyEtherwallet).

We urge users to use hardware wallets to store their cryptocurrencies.

In the meantime we urge users to ignore any tweets, reddit posts, or messages of any kind which claim to be giving away or reimbursing ETH on behalf of MEW.

Your security and privacy is ALWAYS our priority. We do not collect or own any user data.

We greatly appreciate your patience and understanding as we try to fight against this criminal phishing attack.

To keep up this fight against phishing, we need our amazing community to support

my etherwallet hijack
6 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.00
    2 votes
    1
    Authors get paid when people like you upvote their post.
    If you enjoyed what you read here, create your account today and start earning FREE STEEM!
    Sort Order:  
  • Trending
    • [-]
      ·  6 years ago 

    Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
    https://www.reddit.com/r/MyEtherWallet/comments/8eloo9/official_statement_regarding_dns_spoofing_of/

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00