UPDATED> ALERT MY ETHER WALLET WAS HACKED!!!
Alert everyone, hackers got access to the MEW DNS spoofing it, the moment you login they will take all your funds.
Do not access the wallet!!!
"PSA: There seems to be issues with myetherwallet.com as of right now; Users reported the SSL-Certificate was not verified/trusted and others have reported that funds were transferred to a third-party wallet.
If you use Metamask, please always make sure that the SSL-Certificate is signed by DigiCert Inc for MyEtherWallet Inc with the following SHA-256 fingerprint: 13:31:94:78:9E:44:41:4B:F0:33:D8:66:68:6A:45:B3:61:25:82:0A:49:52:8F:E4:C5:54:18:7A:22:9B:BF:10"
So far more than 200 ETH are being stolen into the hacker account;
https://etherscan.io/address/0x1d50588c0aa11959a5c28831ce3dc5f1d3120d29#comments
I will update as news come out!
Update from MEW:
:warning:MyEtherWallet Update:warning:
The company has responded. Amazon’s DNS servers were hijacked (need we express the growing importance of decentralization?) and for a period of a few hours - starting around 12pm UTC - users were unknowlingly redirected to a phising site, resulting in funds being stolen.
Over $150k worth of ETH was transferred to an address with over $20mm worth of crypto in it. Those behind the attack are very sophisticated.
Read more here: https://tinyurl.com/ybsuw5ur
So what do we do now?
MEW has reported everything is back to normal. They mentioned “affected users likely clicked the "ignore" button on the SSL warning that pops up when visiting a malicious site imitating MEW. MAKE SURE there is a green bar SSL certificate that says ‘MyEtherWallet Inc [US]’”
If you’re not comfortable using MEW, you can use MyCrypto.com (read our post about it from February here: https://t.me/BitcoinBravado/899 )
:lock: We also strongly recommend you pick up a hardware wallet, like the Ledger Nano S ( https://tinyurl.com/y9m855lt ).
If you wish to check your balances without using any third party like MEW or MyCrypto, simply paste your ETH address into Etherscan.io
We hope our message got out in time to prevent anyone else from logging in and being affected. Stay safe out there :facepunch:
@Santana33 | ||
---|---|---|
| ||
I wish someone could catch these thieving bastards, cheers for the information. Thanks mike
I am glad that you saw it on time. Is quite hard to get these cheat bastards, that is one of the bad things on cryptos, is much easier to take your money and move it around until you lose the trace.
They are bastards, I hope you can recover your money in some way, cheers mike
Hehe, I am lucky I did not get into MEW that day, I was not caught into the thing. Normally I pay attention to my web certificate, plus I use a Json file, I will not put the private key into that website. That's the only thing I do not like about steemit, how many times you need to use your passwords.
Maybe Steemit will fix that soon. Cheers mike
Thx for the warning. Will not login for the moment!
I am happy that some people may have seen this post on time before getting reaped by the hackers. Outmost discretion needs to be taken these days!
Don't really know how they get to do that. Mine was tempered with few days ago!
They exploited the use of MEW for open ports, like the ones used by google. Other companies choose to pay for specific DNS which can not be spoofed.
Also, the problem is on people just accessing some websites without taking care of the certificate warning.
Always look for this in any website you visit, even more when dealing with crypto wallets, otherwise the safest is to have a hardware wallet.
Tanx for such great information. It sure gonna be of great help in time to come...
thanks for sharing you always come with great Writting skillss and always write awesome articles keep it up Hope you also visit my blog thanks
Thanks for your kind words Cordyline, hope you keep writing and growing with us in Steemit!
Nice post