MyEtherWallet users fell prey to a hack on Tuesday which saw the loss of around $152,000 USD worth of Ether.
The company, which caters for storage and sending of Ethereum-based coins, warned its users of the attacked within fifteen minutes via Twitter.
Couple of DNS servers were hijacked to resolve https://t.co/xwxRJ4H4i8 users to be redirected to a phishing site. This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap.
— MyEtherWallet.com (@myetherwallet) April 24, 2018
Users also rapidly reported the loss on social media, looking for an answer to the situation. One user posted that he “saw that myetherwallet had an invalid connection certificate in the corner”. He continued that he had double and triple checked the URL to confirm it was not a phishing site to score funds from vulnerable users and then he “logged in, there was a countdown for about 10 seconds and A tx was made sending the available money I had on the wallet to another wallet.”
Lead developer at BlockBits.io Micky Socaci threw light on the situation, saying that users of MyEtherWallet using Google Public’s Domain Name System (DNS) protocol were vulnerable at that moment and suggested avoiding the system.
MyEtherWallet representatives confirm that the hack wasn’t on the app and have discovered that the odd activity was the result of an attack on Amazon Web Services DNS.
Correction: the BGP hijack this morning was against AWS DNS not Google DNS. https://t.co/gp3VLbImpX
— InternetIntelligence (@InternetIntel) April 24, 2018
Etherscan stats show that the hacker has managed to gain more than 215 ETH and it appears that the affected funds are being divided up and moved around to multiple wallet addresses. At the time of press, the extent of the attack is still unclear.
Owing to the fact that a DNS attack happens when the hacker changes the DNS certificates of the company and then hijacks the website domains to take users to fake sites, where they can gain the login details of users, it might be impossible for the stolen funds to be recovered.
MyEtherWallet CEO Kosala Hemachandra remarked that it is a shame that “we live in a world where even the most secured websites are prone to this kind of attacks,” and that the situation makes upsets him and he “[hopes the] MEW team will be able to educate users and convince them [to] use hardware wallets and local versions of MEW.”