Twitter and Reddit are littered with warnings of a DNS hack of Google servers that is redirecting the MyEtherWallet (MEW) website to a fake site. DO NOT TRY TO ACCESS THE WEBSITE UNTIL THE SERVERS ARE CONFIRMED AS SAFE TO USE. The fake site is believed to be in Russia and sending ether to the hacker’s wallet. There are suggestions that the hacker is trying to cash out on the Bittrex exchange, but this still needs to be confirmed.
Two addresses are reported to be in use by the hacker:
The first address looks to have collected 215 ETH ($150,000) and moved it on to a Bittrex account. The second address has so far collected 309 ETH ($216,000) with the funds being forwarded to the same account.
If you have logged into MEW today, you need to forward any funds to a new ETH address but NOT via the MEW website. The offline version of MEW is available from their GitHub site, and details of how to use it are available in this knowledge base article.
A tweet from MEW confirms the hack: “Couple of DNS servers were hijacked to resolve [MEW URL REMOVED] users to be redirected to a phishing site. This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap.” Alarmingly, the tweet from MEW is accompanied by posts suggesting that MEW was warned in January 2018 that they needed better DNS security.
Crypto Disrupt has regularly warned against using digital wallets to hold cryptocurrencies, and this incident demonstrates just how sophisticated the hackers are. MEW is probably the most popular digital wallet in use today, and only a quick response from the crypto community prevented millions of dollars from being siphoned off into the hacker’s account. If you do have to use digital wallets, don’t put all your funds into a single wallet and use the extra protection of the Chrome browser extension, MetaMask.
The recommended security is to always use a hardware wallet to protect your crypto from the grubby hands of hackers. Trezor and Ledger are the leading suppliers of hardware wallets, but make sure you purchase directly as some third-party suppliers have been known to ship compromised hardware.
Financial analyst, smartphone app designer, technical writer, and crypto enthusiast. Blockchain verified graduate of MOOC 9, DFIN-511: Introduction to Digital Currencies, run by the University of Nicosia.