Hacker steals over R4 million from MyEtherWallet users

Hundreds of MyEtherWallet users had their Ethereum stolen after an attacker hijacked DNS registration servers.

The wallet provider confirmed the attack on Twitter, stating that many users were redirected to a phishing site instead of the legitimate MyEtherWallet page.

Affected users were presented with an invalid security certificate warning upon being redirected, but many ignored this and continued to access their Ethereum wallets.

According to Internet Intelligence, it was Amazon’s DNS that was hijacked, and any users who used these DNS servers were vulnerable.

The attacker siphoned funds to at least two addresses, which are now tagged on Ethereum block explorer Etherscan as Fake_Phishing900.

The addresses show that at least 523 Ethereum was stolen from MyEtherWaller users, which is around R4.2 million.

The funds have since been moved from the original addresses used in the attack.

“This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system,” said MyEtherWallet in a statement.

“It can happen to any organisation, including large banks. This is not due to a lack of security on the MyEtherWallet platform,” said MyEtherWallet.

Now read: Bitcoin surges while stock market falls

Latest news

Partner Content

Show comments


Share this article
Hacker steals over R4 million from MyEtherWallet users