MyEtherWallet (MEW) tweeted that some of its *DNS Servers have been hacked. Around 216.06 ETH (worth $150K) has been stolen.
The *DNS server hacking happened around 8:00 pm Manila Time on April 24, 2018. Data taken from Etherscan showed the number of ethers stolen, which was then sent to this ETH address: 0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29. The attacker continued to send ETH to the address 0x68ca85dbf8eba69fb70ecdb78e0895f7cd94da83 at 10:15 pm
A Redditor shared their experience on how they lost 0.9 ETH when the DNS server hacking happened.
“Woke up today, Put my computer on, went on to myetherwallet and saw that myetherwallet had an invalid connection certificate in the corner. I thought this was odd. https://i.imgur.com/2x9d7bR.png . So I double checked the url address, triple checked it, went on google, got the url . Used EAL to confirm it wasn’t a phishing site. And even though every part of my body told me not to try and log in, I did. As soon as I logged in, there was a countdown for about 10 seconds and A tx was made sending the available money I had on the wallet to another wallet, “0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29.”
DNS Servers are like the phonebook of the internet. People tend to memorize words better than numbers. This is why we use Google.com instead of 18.104.22.168, which is its address. These DNS Servers translate the words into computer language. Hacking or putting malware on DNS Servers may connect you to a different website.
After one to two hours, MEW announced that everything is back to normal. It also shared its guide to securing ethers.
Some of the tips include installing EtherAddressLookup or MetaMask as these two can warn you if you go to an unsecured website. One of the most important tips of all is to not give or enter your private keys on random websites.
You can check the Pro-Tips: How Not to get Scammed & Phished HERE.