May 1, 2018 10:24 UTC

| Updated:

May 1, 2018 at 10:24 UTC

Major Phishing Activities at MyEtherWallet

By Dmitriy

MyEtherWallet was recently caught up in the news due to a huge phishing attack that they survived in which almost 216 ETH were stolen. Before we proceed, what exactly is MyEtherWallet? MyEtherWallet (MEW) is a free, open source tool for creating wallets that work with the Ethereum platform. It uses the blockchain technology to make transactions.

A lot of users were in a mass frenzy since their Ethers were stolen. The company spoke openly about the phishing attack on their Twitter account. They claim that their website wasn’t hacked but instead there was a problem with the Google public DNS system. Further, they confirmed that Google’s Public Domain Name registration servers were hacked. So whenever any MEW user went onto the website, they were redirected to a phishing site and many as a result ended up losing their ETH.

Since the website does not store any personal information, including keys, the MEW has relinquished any responsibility for the attack. The company was seen defending itself and instead of blaming the users for their carelessness. They accused users of disregarding the warning pop up which indicated that the website is imitating the MEW portal. 

The company is now taking some active steps to warn their users about this scam. They have asked the users to check for the green bar SSL certificate which reads  MyEtherWallet Inc [US]. Apart from this, the users have also been advised to ignore any Reddit posts which claim to refund their ETH on behalf of MEW.

A lot of users are agitated with the company’s response and subsequent finger pointing towards the users after the attack. Kosala Hemachandra, who is the CEO of MyEtherWallet, said during an interview with Finance Magnets, that the phishing attack was unfortunate but that MEW was not going to take any responsibility for it since it was the users who ignored the warning sign. He says that MEW would only consider reimbursing the stolen money if the community collectively blamed MEW for the attack and if they found out that there was in fact, no warning pop up sign.

The company confessed to being a victim of several such phishing attacks on a daily basis since there are a lot of domain names similar to MEW’s. The company now plans to build a hardware wallet which would help create a P2P connection with MEW and the user’s private key, which will not leave their phone, thereby preventing them from falling prey to phishing attacks henceforth.

Dmitriy

Having majored in Social Psychology and Economics, I worked as a team lead of a tech and fundamental analysis lab in the Applied System Analysis Research Institute. I write financial articles for various international media. I also hold the position of a Chief Analyst at RoboForex.

    Related Posts

    TOKEN2049 Dubai Hailed as an Outstanding Success, with 10,000 Attendees

    READ MORE 5 days ago

    Why Ethereum Price Jumped to $2100 in November 2023

    READ MORE 6 months ago

    Good News for Asian Blockchian Stratups, Hong Kong’s CMCC Global Launches $100 Million Crypto Fund

    READ MORE 7 months ago

    Without these three crucial “transitions,” Ethereum “fails,” according to Vitalik Buterin

    READ MORE 11 months ago

    Cumberland Labs releases a SaaS API for DeFi protocols and public blockchains

    READ MORE 11 months ago

    ‘Adversarial states’ could win the blockchain arms race — group of US crypto advocates

    READ MORE 12 months ago

    Just as Lido withdrawals begin, Celsius moves $781 million in stETH.

    READ MORE 12 months ago