MyEtherWallet was the red-hot topic a few days back due to the phishing attack where almost 216 ETH were stolen. The team spoke about the phishing attack on Twitter and gave more insight on what exactly went wrong. The team also clarified that the website wasn’t hacked and that it was a phishing attack that took place as the Google public DNS was compromised.
MyEtherWallet’s recent Twitter post says:
“Google Domain Name System registration servers were hijacked so that MEW users were redirected to a phishing site… Your security & privacy is ALWAYS priority. We do not store any of your personal details, including keys.”
They further add that the majority of the people affected by the attack were using Google DNS server and the users ignored the warning pop-up which clearly indicated that the website is imitating the MEW portal.
The team has also advised users to make sure that there is a green bar SSL certificate which says ‘MyEtherWallet Inc [US]’ and has asked to ignore any portals or Reddit posts that claim that they will be reimbursing the stolen ETH on their behalf.
During an interview with Finance Magnets, the CEO of MyEtherWallet, Kosala Hemachandra spoke regarding the phishing attack and says that the MEW is not responsible for the attack and that users ignored the warning sign. He says that if there was no warning sign and if the community thinks that MEW was in anyway responsible for the attack, then they would consider reimbursing the stolen money.
He further adds that MyEtherWallet is having an enormous amount of phishing attacks every day. There are more 6500+ domain names similar to MyEtherWallet. To avoid these attacks, they are planning on creating a hardware wallet which will be free for download and use. It will help create a P2P connection with MEW and the users private key which will not leave their phone.
Daniel Vernaza, a Twitterati says:
“Google or not google dns, your website was duplicated and due to that many of us lost ETH. “Likely” does not mean we all did it. I had no message nor errors. Blaming users is not the right approach in my opinion. It is very easy to point fingers, but hey I lost money who cares…”
He further adds:
“Not only that, when I messaged you guys that specific wallet was at 60+ ETH and there was no response until they stole over 200 ETH. Still blaming the users when this could have been stopped much sooner?”
Dawid Pietrzak, another Twitterati says:
“What the hell could’ve they done? This was a failure of a single each piece of Internet infrastructure but MEW. Someone managed to swap out a record in Google’s DNS, and certificates should prevent from that but they didn’t. MEW couldn’t do anything once the attack was rolling.”
Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!