MyEtherWallet users robbed after successful DNS hijacking attack

Unknown attackers have managed to steal approximately $150,000 in Ethereum from a number of MyEtherWallet (MEW) users, after having successfully redirected them to a phishing site posing as

The redirection was seamless, and the only thing that gave some indication that the phishing site is not what it pretended to be was the warning showed to visitors saying that the TLS certificate used by the site was signed by an unknown authority (i.e., was self-signed). Those who chose to ignore the warning, accept the certificate and proceed doing their business through the phishing site had their private keys stolen and their funds taken by the attackers.

Read how the attackers were able to rob MyEtherWallet users by redirecting traffic meant for to a lookalike phishing site, hosted on a server in Russia, on Help Net Security.

Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief