Ethereum Users Can Spam Fake MyEtherWallet Sites With Random Private Keys

Scam and phishing are slowly becoming a more common problem for Bitcoin and cryptocurrency. In most cases, criminals will create an exact copy of an existing exchange or wallet service in the hopes of obtaining users’ login credentials. MyEtherWallet has been affected by such phishing attempts in recent weeks, adding up to significant financial losses. A new solution has been created to spam these fake sites with random private keys.

MyEtherWallet White Hat

There is nothing more annoying than having to deal with a phishing site trying to steal your precious cryptocurrency. Unfortunately, we see more and more of such sites, most of which are actually rather successful. Some of the more notorious examples in recent months include the various iterations of the Blockchain.info wallet, which aims to trick users into giving up their login credentials. It appears this threat is now expanding to other cryptocurrencies.

Cryptocurrency ICO investors are well aware of how both Slack and Telegram channels are flooded with scammers telling users to visit a fake MyEtherWallet website. Even though there is very little to be done about these attacks, it still appears a lot of people will readily click these links and log in to a phishing site. No one should click hyperlinks in emails, especially if they come from complete strangers.

MyEtherWallet users have been scammed for tens of thousands of dollars to date. Recovering all of that money is virtually impossible. It is up to individual users to spot these phishing attempts and ignore them. That has proven to be rather difficult and complicated, as cryptocurrency ICOs also attract people who have little experience with digital assets. Many of them do not know that if their funds are lost, they cannot be recovered.

One community member has taken it upon himself to try and do something about this situation. A new tool has been developed called MyEtherWalletWhitehat. The project is pretty simple, allowing people to spam MyEtherWallet phishing sites with random private keys. This will hopefully make it more difficult for these scammers to find the real ones.

This new tool should not be seen as a way to DDoS fake MyEtherWallet websites. It is recommended to use a VPN or proxy connection and use this tool at your own risk. Users can set the interval in between private key requests to whatever value they like. Rest assured, someone will try to use this tool to DDoS phishing sites as it can be set as low as 1 millisecond if needed. The default configuration should keep requests to 1 per second at best.

It appears the GitHub repo will continually scan for new “targets” to harass with this tool. It is good to see someone paying close attention to these phishing sites and try to do something about them. Whether or not a tool such as this one is the answer to many people’s prayers remains to be determined. Spamming scammers with fake information will not make them go away. Alas, this energy should be used to further educate people about these phishing sites and how to keep private keys safe.

Leave a Reply