MEW DNS Poisoning Attack Details: How to protect yourself?


A MEW DNS poisoning attack was carried out yesterday morning. Some MEW users fell victim to a phishing scam that misled them into giving out their wallet keys, after which their cryptocurrency was transferred into a digital wallet supposedly associated with the hackers.

25 April, AtoZ Markets - MyEtherWallet DNS servers were reportedly hijacked and made to redirect users to a phishing site. Multiple online reports state that this was a classic poisoning attack.

MEW DNS Poisoning Attack Details

Just yesterday morning, servers providing domain name system (DNS) service to MyEtherWallet (MEW) were hijacked. The criminals carried out so-called DNS cache poisoning, which is a means of hijacking Border Gateway Protocol (BGP).

Some MEW users fell victim to a phishing scam that misled them into giving out their wallet keys, after which their cryptocurrency was transferred into a digital wallet supposedly associated with the hackers. Online media reports state that the attacker stole 215 Ether, the equivalent of $160,000 at the time of the transaction.

The founder of MyEtherWallet, Kosala Hemachandra, has commented on the case:

“It was a DNS poisoning attack on myetherwallet.com. We suspect that Google DNS cached it and a lot of other DNS servers cached it as well. It wasn’t on our end. Our hands were tied.”

DNS poisoning is a specific type of IP address hijacking that is especially damaging when used against financial services, because those services are exposed to their clients’ finances. This scam is particularly dangerous because it can spread easily from one server to another.

How to protect yourself?

Hackers use attack vectors that exploit weaknesses in the internet’s domain name system. They do so in an attempt to redirect internet traffic to fraudulent servers and websites that resemble the genuine ones.

MEW has made an announcement to the ecosystem. The company has issued a set of reminders that should be taken as vital for users:

“PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before using MEW.

We advise users to run a local (offline) copy of the MEW (MyEtherWallet).

We urge users to use hardware wallets to store their cryptocurrencies.”
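The first reminder can also be checked programmatically. The following is an added example, not code from MEW or from the original article: it validates a site's certificate chain and hostname, then confirms that the certificate's organization field reads exactly “MyEtherWallet Inc”. The function names, the hostname in the samples and the sample certificates are assumptions constructed for illustration.

```python
import socket
import ssl

EXPECTED_ORG = "MyEtherWallet Inc"  # the name MEW's reminder tells users to look for


def subject_field(cert, name):
    """Return the values of one subject attribute from an ssl.getpeercert() dict."""
    return [value
            for rdn in cert.get("subject", ())
            for key, value in rdn
            if key == name]


def org_matches(cert, expected=EXPECTED_ORG):
    """True only if the certificate names exactly the expected organization."""
    return subject_field(cert, "organizationName") == [expected]


def check_site(host, port=443, timeout=5.0):
    """Connect with chain and hostname validation, then check the organization.

    Raises ssl.SSLCertVerificationError if the chain or hostname does not validate.
    """
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname by default
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return org_matches(tls.getpeercert())


# Constructed sample certificates in getpeercert() layout (not captured from a real site).
GENUINE_STYLE = {"subject": ((("countryName", "US"),),
                             (("organizationName", "MyEtherWallet Inc"),),
                             (("commonName", "www.myetherwallet.com"),))}
DOMAIN_ONLY = {"subject": ((("commonName", "www.myetherwallet.com"),),)}
LOOKALIKE = {"subject": ((("organizationName", "MyEtherWa11et Inc"),),
                         (("commonName", "www.myetherwallet.com"),))}

if __name__ == "__main__":
    for label, cert in [("genuine-style", GENUINE_STYLE),
                        ("domain-only", DOMAIN_ONLY),
                        ("lookalike", LOOKALIKE)]:
        print(label, "->", "ok" if org_matches(cert) else "DO NOT ENTER KEYS")
```

A certificate with no organization field (domain-validated only) or with a near-miss name fails the check even when the hostname is correct.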

While such cryptocurrency hack attacks are emerging more often these days, the platforms do their best to protect users’ data and funds. Still, a user’s safety remains mostly in their own hands.
