It was only couple of days ago when we wrote about MEW’s phishing attack, where hackers got away with over 200 ETH. Popular wallet’s team gave insight on the matter on Twitter, where they emphasized that they weren’t actually hacked, but phishing attack took place because the public Google DNS servers were compromised. Well, we know that already, that’s the reason you were… hacked.
In the recent tweet MyEtherWallet’s team member repeat what we already know and wrote about almost a week ago. That Google Domain Name System registration servers got hijacked, which lead to MEW users being redirected to a Russian phishing site.
All users who were compromised were using Google DNS server and they ignored the warning pop-up windows that indicated that they were not visiting a real website but imitation of it.
MyEtherWallet’s Twitter also advises to always check if the green bar of the SSL certificate corner says “MyEtherWallet Inc [US]”. There were also some rumors flying around that MyEtherWallet will reimburse the stolen Ethereum – well, they will not.
Company’s CEO Kosala Hemachandra gave an interview recently about the phishing attack, where he repeatedly said that MEW is not responsible for the phishing attack and users should be more careful with their funds. He also added an interesting fact – that there are over 6500 domain names similar to MyEtherWallet, most of them registered with an intent to do harm.
To avoid similar attacks in the future, MEW is planning to create hardware wallet that will also be free of cost. This wallet will help to create a connection with MyEtherWallet and the users private keys will that way not leave users devices.
What is MYETHERWALLET? From BitcoinWiki