Hack Leads to Theft of Ethereum Digital Coins from Wallet Users
An attack on the DNS (domain name system) of MyEtherWallet (MEW) interface of widely used Ethereum wallet on April 24 took the wallet users onto some inappropriate servers that resulted in the leakage of their login particulars.
It was nearly 2 hours at a stretch when the hacker diverted the users from MEW provider onto one fake website. From that website deposits of the Ethereum crypto-currency got clandestinely funneled into one hacker-controlled source. Pcmag.com posted this on the Web dated April 24, 2018.
An extremely busy crypto-currency exchange Binance posted on twitter.com that a few MEW owners reported they faced problems while loading the website. Disturbingly, many individuals may've got victimized with the scam. Evidently, there were approximately 180 transactions coming into the address under the control of the hacker during the attack after which 215 Ether coins equivalent of $151,000 were transferred to one different wallet.
As the phony site of original MyEtherWallet.com used one unreliable TLS/SSL certificate, victims were made to follow an error message of HTTPS kind. Over time the dacoits garnered $17 million worth of Ethereum into their wallet.
As MyEtherWallet explains via the Reddit site, the attackers managed compromising several DNS servers for diverting users of the Ether wallet who wanted accessing myetherwallet.com and made them to land on one phishing site in place of the real site where their account details were filched.
MEW, which has confirmed the hack, recalls several accusations about one DNS hack targeted on it during January. The accusations were from BLUE (Ethereum Blue) developers that MEW then categorically dismissed as certain foolish lie.
On April 24, reports came in about issues disturbing the DNS facility of Google. Binance twitted early morning informing users there were problems that Google DNS had been facing. It seems people using the platform were affected. However, there apparently isn't any indication that Google DNS problem has a connection with the DNS compromise of MEW.
Visitors diverted onto the fake MEW site at the time of the incident would have seen on their screen a pop-up cautioning about the website providing a dubious digital certificate.
» SPAMfighter News - 4/30/2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!