Hundreds of MyEtherWallet users had their Ethereum stolen after an attacker hijacked DNS registration servers.
The wallet provider confirmed the attack on Twitter, stating that many users were redirected to a phishing site instead of the legitimate MyEtherWallet page.
Affected users were presented with an invalid security certificate warning upon being redirected, but many ignored this and continued to access their Ethereum wallets.
According to Internet Intelligence, it was Amazon’s DNS that was hijacked, and any users who used these DNS servers were vulnerable.
The addresses show that at least 523 Ethereum was stolen from MyEtherWaller users, which is around R4.2 million.
The funds have since been moved from the original addresses used in the attack.
“This redirecting of DNS servers is a decade-old hacking technique that aims to undermine the Internet’s routing system,” said MyEtherWallet in a statement.
“It can happen to any organisation, including large banks. This is not due to a lack of security on the MyEtherWallet platform,” said MyEtherWallet.