Categories: CryptoNews

Recent MyEtherWallet Incident Highlights Inherent Internet Security Flaws

It is not the first time someone has managed to steal Ethereum. Unfortunately, such incidents have only become more apparent and gotten worse over time. It seems MyEtherWallet has fallen victim to yet another hack, even though the platform itself was apparently not to blame. Instead, the platform’s SSL certificate was “targeted” in an attack.

Another MyEtherWallet Incident Takes Place

Whenever a popular online service is involved with financial transactions of any kind, it will attract unwanted attention from various criminals. In the case of MyEtherWallet, there have been some hiccups along the way. This latest incident, however, is a lot more worrisome than some of the previous incidents. Some of the platform’s servers used an unsigned SSL certificate and redirected visitors to a server in Russia.

Anyone falling victim to this redirection saw their wallet emptied in short order. Several thousands of dollars have been stolen already, although it remains to be seen if that is the final tally. It took all but two hours to shut down this attack, but a lot of money was stolen regardless due to the popularity of the MyEtherWallet service.

At the time of writing, the MyEtherWallet team was conducting an investigation to determine which servers were targeted. Users are always advised to run a local offline copy of MyEtherWallet rather than connect to the online platform. This latter option remains more popular because most cryptocurrency users will always prefer convenience over security. In some cases, they will pay the price for it.

Related Post

It is important to note this hijack has nothing to do with compromising MyEtherWallet itself. Instead, the attackers intercepted DNS requests for the website. It seems this was a direct result of using Google’s DNS service, combined with a forged communication through Amazon’s system. It seems an upstream ISP was compromised to announce a subset of Route 53 IP addresses to networks peered with this ISP. It was a very elaborate attack, albeit one that was seemingly pulled off with relative ease.

Although such blatant attacks are rather uncommon, they will not necessarily become less popular. This type of attack highlights a massive flaw in a cornerstone of the internet’s infrastructure and has not been properly addressed ever since it first became popular many years ago. It remains unclear if the ongoing investigation will dig up any other affected services. 

Whether or not MyEtherWallet will reimburse users affected by this heist remains to be seen. It is evident the stolen money has to be recovered somehow. Since no one knows who the culprit is or where they are located, the traditional method appears to be out of the question completely. It’s a very troublesome story well worth keeping an eye on, and one that highlights the need for improved internet security in general.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Altcoin Alert: Crypto Market Cap Breaches Key Level Hinting at an 8000x Rally for this Shiba Inu Killer

Shiba Inu (SHIB) gave enormous returns in 2021, making many early holders millionaires. After the…

2 hours ago

XRP Crash? XRP Falls Below $0.5 Resistance Level as Next Gen Altcoin JetBolt Takes Over

Spooky season might be over but doom is still looming as Ripple’s XRP falls below…

5 hours ago

This New Exchange Token Is Poised for a Price Surge Alongside Cardano and Avalanche – Analysts Predict Huge Gains This November

Three promising altcoins are causing a stir among investors this November: Avalanche (AVAX), Cardano (ADA),…

5 hours ago

With Dogecoin Dipping and TRON Holding, Is Lunex the Hottest Crypto Now?  

Everyone knows what the hottest crypto can do. When it was so hot it was…

5 hours ago

Tron Fees To Be Cut In Half Through Proposal 95, Cutoshi Surpasses $600k As TRX Investors Join CUTO Presale

The Tron network has witnessed incredible growth in several areas, especially in its adoption, which…

7 hours ago

$Pepe Whale Sell-Off And Fund Transfers Stir Volatility In Meme Coin Market

Recently, major $PEPE holder Flow Traders transferred 520 billion $PEPE tokens—worth approximately $4.73 million—from address…

15 hours ago