Ether Stolen, MyEther Wallet (BTCManager).

MyEtherWallet (MEW), the most popular Ethereum web-based wallet fell victim to a DNS hack on April 24, 2018. Comments made by wallet users on social media and online crypto forums reveal that funds have indeed been stolen from their wallets. MyCrypto, a rival service to MEW, confirmed the occurrence of the hack and informed MEW users that their accounts had been compromised. This is yet another DNS-based attack in the crypto community which shows the vulnerability inherent in a single point of failure. Etherdelta, for instance, was the victim of a similar hack in December 2017.

Reports of Missing Funds from Wallet Users

It began when MEW users started reporting suspicious activities on the MEW web interface. The news was broken by a MEW-user on Reddit r/rotistain, saying that they had fallen victim to a phishing scam. Apparently, the user had logged on the MEW service and seen that the connection was not secure which was an anomaly.

The user proceeded to check if the site was a phishing site but all checks proved negative and despite their better judgment, proceeded to log in. The user ended up losing 0.09 ETH which was all the money that was in the user’s wallet.

Not too long after the story broke, MEW published a confirmation tweet. Earlier in the year, MEW had debunked rumors that it had been hacked. This time around, it appears the wallet provider had indeed been breached.

The user proceeded to check if the site was a phishing site but all checks proved negative and despite their better judgment, proceeded to log in. The user ended up losing 0.09 ETH which was all the money that was in the user’s wallet.

DNS Down and Confirmation from Rival Service

Read more on BTCManager