24 APR MyEtherWallet, one of the most popular online wallets Ethereum was attacked. Hacked DNS servers redirect users to the phishing site. At the time of writing (21-30 GMT) we know of one case of theft: stolen 215 ETH
(about $150 000). Users logged on myetherwallet.com using Google’s DNS (220.127.116.11./18.104.22.168) were redirected to the attacker’s server with an invalid certificate, which could steal private keys:
Apparently, 20-30 MSK Google solved the problem: SSL connection indicator on the website shows that everything is in order (the name of the company is green and a lock symbol in the upper left corner of the address bar of the browser). However, no official statements have not yet been, so we cannot say with full confidence that the problem is eliminated.
Former employee MyEtherWallet, and now a developer of a competing project MyCrypto in a post on Reddit gives users the following tips:
What to do in such a situation
If you went to MEW in the past four hours, I entered the private key or has opened an account using a key file, or led-phrase — check the balance on etherscan.io to make sure that you do not become a victim.
Transfer funds to a new wallet, even if nothing’s happened, yet, but not going to the site. MEW create the transaction offline, according to the instructions.
If you’ve never used MEW for the last four hours Metamask, Ledger Nano’s or best wallet — your money is safe, as the keys, key files and passwords are not transmitted in the network even when sending the transaction.
In any case, do not enter the site MEW until then, until there is confirmation that the problem is solved.
Due to the February conflict between co-founders MyEtherWallet, most of the team (some 19 out of 20 people) moved into the MyCrypto project. It is possible that the cracking was due to the fact that MEW is almost gone developers, although to say nothing yet. While only the unknown burglar can tell what really happened.
The attack on DNS is not a new phenomenon. In the same way in December was hacked a decentralized market EtherDelta. Interestingly, and then hacking DNS redirection to a phishing site occurred against the backdrop of a dark and still not clear the story with the sale EtherDelta
to persons unknown.