Hacker Steals Cryptocurrency From MyEtherWallet Users

A hacker managed to phish cryptocurrency holders on Tuesday morning by briefly hijacking internet traffic from MyEtherWallet.com.

For almost ii hours, the hacker re-routed traffic from the cryptocurrency wallet provider to a lookalike version of the site. The bogus site secretly funneled whatever deposits in the Ether virtual currency to a hacker-controlled accost.

Unfortunately, dozens of people may accept roughshod for the scheme. The hacker-controlled address shows it receiving about 180 transactions during the incident, before transferring 215 in Ether (or nigh $151,000) to a separate wallet.

UK-based security researcher Kevin Beaumont noticed the set on and said the culprit was ran the false MyEtherWallet site from a server in Russia. The hacker likewise appears to be quite wealthy, and controls a wallet that contains $17 million in Ether.

To pull off the phishing scheme, the hacker exploited the Domain Name Organization, or how the spider web routes traffic. The DNS essentially acts as the internet's phone book, translating domain names to IP addresses and so that your computer can visit a website.

How the hackers tampered with the DNS traffic isn't clear. Only Beaumont said in his web log postal service that information technology involved re-routing traffic from Amazon's internet infrastructure, which is used by many major websites.

MyEtherWallet confirmed the incident just insisted it was "not due to a lack of security on the @myetherwallet platform." Instead, information technology blamed "a decade-old hacking technique [whereby] hackers find... vulnerabilities in public facing DNS servers."

"A majority of the afflicted users were using Google DNS servers. We recommend all our users to switch to Cloudflare DNS servers in the meantime," co-ordinate to MyEtherWallet, which also urged people "to ignore whatsoever tweets, reddit posts, or letters of whatever kind which claim to be giving abroad or reimbursing ETH on behalf of MEW (MyEtherWallet)."

People who visited the hacker'due south MyEtherWallet page during the incident would've encountered a pop-up on their browser, warning them that the site was a running an untrusted digital certificate. Withal, users may have ignored the warning, not realizing it meant the site was a simulated.

But maybe the larger worry is whether the hacker tin can pull off the hijacking once again. In his blog mail service, Beaumont said no i noticed the assail until afterward information technology stopped, and other sites may have been targeted, likewise.

Source: https://sea.pcmag.com/news/20774/hacker-steals-cryptocurrency-from-myetherwallet-users

Posted by: robinsondoself.blogspot.com

Share this post