On the night of 21 December (in Moscow), Internet-domain decentralized exchange Etherdelta was attacked. As a result of hacking of DNS servers, when I attempt to browse the domain Etherdelta.com the user is redirected to a fake page of the exchange created by hackers. When you try to perform any operation on Etherdelta browser Metamask, a hacker gains access to the private keys of the user wallet associated with the Metamask and can bring out the ETH, and the tokens from the deposits Etherdelta. Reported multiple cases of theft.
At the moment we know the following:
If you did not go to Etherdelta for the last 10 hours, most likely, your balance is not compromised.
If you went to Etherdelta recently and successfully carried out the transaction, most likely, your balance is not compromised, but it is necessary to take precautions.
If you went to Etherdelta, but did not enter a private key and has not signed the transaction, most likely, means a whole.
Currently, when you try to go to Etherdelta open Metamask, the user receives message on breaking. Basic smart contract Etherdelta not hacked, he’s just unavailable for your DNS address.
Previously, developers Etherdelta has published guidelines on interaction with smart contract, bypassing the interface Etherdelta, following which you can withdraw funds from the Deposit using MyEtherWallet.
Hacking DNS servers configuration is not something new. In most cases, this happens for two reasons:
Insufficient security measures for the restoration of credentials to a hosting company.
Social engineering techniques – circumvention of technical support to get the password reset.
The full situation is still unclear. Even if Etherdelta will again be available online, should avoid trying to conduct transactions until the appearance of a signed message from the admins of the exchange with a complete picture of what happened
The incident confirms the need for a speedy transition of decentralized exchanges in a distributed system of domain names Ethereum ENS.