Bitcoin Forum

Popular Ethereum wallet interface MyEtherWallet has succumbed to a DNS hijacking attack that allowed a hacker to redirect users to a malicious version of the website and phish their private keys.

The incident was first reported on social media by users claiming to have been affected by th

e breach, and MyEtherWallet later confirmed it on Twitter.

“Couple of DNS servers were hijacked to resolve myetherwallet.com users to be redirected to a phishing site,” the company said. “This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap.”

It’s unclear how the hackers were able to gain control of MyEtherWallet’s Domain Name System (DNS), but this type of attack has exploited cryptocurrency-related websites on multiple occasions.

As in previous cases, the malicious website phished user’s private keys when they entered them into the fraudulent MyEtherWallet client.

It appears that the hacker obtained about 215 ETH (~$150,000) from the attack, which lasted several hours. One unfortunate user lost more than 85 ETH, worth nearly $60,000.

Coins stolen as part of the attack have been funneled into this wallet, which contains more than $17 million in ETH and has been linked to previous phishing scams.

Users who accessed the fraudulent website using a hardware wallet such as Trezor were protected from the private key exploit, though it’s possible that the malicious website could have replaced the address to which they were attempting to send their coins with a false one controlled by the hacker.