MyEtherWallet users robbed after successful DNS hijacking attack

Unknown attackers have managed to steal approximately $150,000 in Ethereum from a number of MyEtherWallet (MEW) users, after having successfully redirected them to a phishing site posing as MyEtherWallet.com.

The redirection was seamless, and the only thing that gave some indication that the phishing site is not what it pretended to be was the warning showed to visitors saying that the TLS certificate used by the site was signed by an unknown authority (i.e., was self-signed). Those who chose to ignore the warning, accept the certificate and proceed doing their business through the phishing site had their private keys stolen and their funds taken by the attackers.

Read how the attackers were able to rob MyEtherWallet users by redirecting traffic meant for MyEtherWallet.com to a lookalike phishing site, hosted on a server in Russia, on Help Net Security.

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here