MyEtherWallet announced earlier this week that the safety measurements of its Hola VPN browser were compromised which created a five-hour gap of security exposure for users on the network.
As soon as it gained the attention of the matter, the multinational web wallet service provider announced a warning to users to transfer funds immediately to ensure safety from hacking.
Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account!
— MyEtherWallet.com (@myetherwallet) July 10, 2018
Hola VPN is MyEtherWallet’s browser extension which is freely offered to users of which there are nearly 50 million, and the break in security allowed hackers to gain access into and track the accounts of users who were actively using the site at the time. As the company stated, only those who had installed the extension within the previous 24 hours could be threatened by attack and the activity of frequent users were not affected nor ran the risk of being tracked.
The company has suggested that the attack appears to have come courtesy of a Russian-based IP address and has offered advice and insight into the attack.
“The safety and security of [MyEtherWallet] users is our priority. We’d like to remind our users that we do not hold their personal data, including passwords so they can be assured that the hackers would not get their hands on that information if they have not interacted with the Hola chrome extension in the past day.”
Earlier this year MyEtherWallet faced another hack attack which saw $150,000 USD worth of the users’ Ether ransacked in a DNS attack and the situation was broadcast within fifteen minutes.
It has not been disclosed yet how many accounts were directly affected by this recent five-hour attack or what the total cost of the compromise of security has been thus far.