Bitcoin Forum
November 02, 2024, 05:01:05 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: MyEtherWallet Hacked  (Read 2256 times)
millerfilm (OP)
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile WWW
October 20, 2017, 10:24:15 PM
 #1

I have very serious concerns with the security, or the lack of security, of MyEtherWallet.

The only wallet I know of that will transact in ICO Tokens is MyEtherWallet. Every ICO I have ever come across says to use MyEtherWallet.

I have had problems using MyEtherWallet. I will access it with the information that only I have access to. There are times that my balance will not show. I have to come back later to access the wallet so I can see my balance.

Now, the 1.5 ETH and 3000 KICK Tokens I had in there look like they are gone. I have accessed Etherscan and both my ETH and my Tokens were withdrawn to this address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be

Etherscan: https://etherscan.io/address/0x88404e743442886f04443c2624917df46d2deef5

Ethplorer: https://ethplorer.io/address/0x88404e743442886f04443c2624917df46d2deef5

You can see that whoever this person is, they have grabbed many KICK tokens from many addresses: https://etherscan.io/address/0xf7860ea76a36ee83abb7f88d3c773f0440e178be#tokentxns

Also, you can see that the address the KICK tokens were withdrawn to has taken in tons of other kinds of tokens:
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

And, yes, I don't know if I should be posting this transactional information on here, but what does it matter? Everything has been taken out of my wallet.

Questions:

Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.

But, still, my ETH and Tokens are gone to that address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be And, I am guessing I have zero recourse. Is that correct? Can anybody just hack into something like MyEtherWallet and take your coin and tokens?

Thank you for your time and assistance with this. I appreciate it!
batang_bitcoin
Hero Member
*****
Offline Offline

Activity: 3150
Merit: 609


OrangeFren.com


View Profile
October 20, 2017, 11:07:49 PM
 #2

Well if you never visited MEW lookalike website, possibly that someone knows your private keys. Have you ever written your private keys on the web/email address? And what possible happened was someone has breached and got those private keys you have kept on your email and he just accessed it without you noticing it. Better not to use the same address anymore and sorry for your loss.

millerfilm (OP)
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile WWW
October 20, 2017, 11:47:23 PM
 #3

No. Even though I have only been in crypto for less than two months, I am very protective of my financial data. I immediately kept my Private Key locked away. Like a Hardware Wallet, I keep all important data like that locked away. I know to never share that with anyone. I was even hesitant, at first, to share my regular crypto addresses, until I researched it and understood that you couldn't access a wallet with just that.

Also, with the place where I keep my passwords, I include the web address for the financial institution, like http://www.myetherwallet.com. So, every time I log in to a financial institution, I open a new browser tab. Then, I cut and paste that address into the new tab. Then, I proceed to enter my information. Even when I get verified emails from the financial institutions I do business with, I do not click on the links in those emails.

I have quickly learned how dangerous Private Keys are. Why MEW insists on using them to log in with is beyond me. With Private Keys being hidden on Custodial Accounts like Coinbase, etc. and being locked away on Hardware Wallets, why would MEW use them to log in with?

MEW certainly seems to be hackable. I would absolutely not use it for anything but for transitory usage. So, if you want to use it for tokens, only transfer the ETH you need to for that token purchase. Then, when the tokens are deposited, get them out of there as soon as possible to a Hardware Wallet.

I wrote an extensive email to MEW, but do not know if I will hear back. Do you know if anyone hears back from MEW on support requests?

Thank you for your help on this. I appreciate it.
Blake_Last
Sr. Member
****
Offline Offline

Activity: 518
Merit: 278



View Profile
October 21, 2017, 02:53:47 AM
 #4

Do you still have access to the computer you used to sign in to your MEW? If you have, can you review its history and look for the site you open which you think is MEW. Because if I'm not mistaken, you're likely to be a victim of a phishing attack and not aware that you've used a similar URL with that of MyEtherWallet.com. If this is the case, and you notice that you did use a phishing URL, then copy that URL and report it here: https://etherscamdb.info/report/. Include the screenshot of the wallet who stole your ETH and tokens and add whatever additional details you can impart to them so they can act and if possible, retrieve your funds.

Also, install this Chrome extension (if you're using Chrome for browser): https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn

This will give you a warning if the ETH address is used before for phishing activities or if it is blacklisted so you can avoid transacting with it or transferring anything to it.

batang_bitcoin
Hero Member
*****
Offline Offline

Activity: 3150
Merit: 609


OrangeFren.com


View Profile
October 21, 2017, 06:45:31 AM
 #5

Also, with the place where I keep my passwords, I include the web address for the financial institution, like http://www.myetherwallet.com. So, every time I log in to a financial institution, I open a new browser tab. Then, I cut and paste that address into the new tab. Then, I proceed to enter my information. Even when I get verified emails from the financial institutions I do business with, I do not click on the links in those emails.

I have some doubts with this, have you heard about this malware http://wyzguyscybersecurity.com/copy-paste-malware/ many has come out to be a victim of this. I didn't experienced this malware but this can be another cause of it.

I wrote an extensive email to MEW, but do not know if I will hear back. Do you know if anyone hears back from MEW on support requests?

Yes, you just have to wait for it and tell us if they did ever reply to your problem.


Thank you for your help on this. I appreciate it.
Don't mention it.

The_Dark_Knight
Hero Member
*****
Offline Offline

Activity: 840
Merit: 502


View Profile
October 22, 2017, 02:37:29 AM
 #6

OP The fact that you state that several other users with the same token were victims of this makes me think that this was not a general attack against myetherwallet and that this was a targeted attack to those that held those coins, I think you were the victim of a virus, by your post you seem to be using windows or some other insecure OS, I will recommend that you stop using that and use a Linux install for all your sensitive transactions from now on.
BountyX
Full Member
***
Offline Offline

Activity: 352
Merit: 100



View Profile
October 22, 2017, 10:07:09 AM
 #7

This is for sure a matter of big concern. I thought MEW was very safe. Better to buy a Ledger NANO then?

dustboy
Hero Member
*****
Offline Offline

Activity: 1022
Merit: 517


View Profile
October 22, 2017, 10:20:27 AM
 #8

This is for sure a matter of big concern. I thought MEW was very safe. Better to buy a Ledger NANO then?

Safe or not also depending on yourself, I think this issue happened because OP was visiting a phishing link which stole his private key. It means we should be very careful in this online world. There are many myetherwallet users get hacked because of the phishing link, they key to be safe is on the users. Otherwise, it will be useless even if you ledger nano if you cant keep your own safety.
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
October 22, 2017, 02:17:41 PM
 #9

Questions:
Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.
Thank you for your time and assistance with this. I appreciate it!


MyEtherWallet is not vulnerable to hacking. This is probably the crucial point:

I only log on directly to http://www.myetherwallet.com


You should always use https instead of http. If you really used http there is a small chance of a Man in the Middle attack where the attacker
is between you and the real MEW, reading your keyfile/password/whatever you used because it was not encrypted with TLS.
Thats not a security flaw by MEW. Thats the reason you are encrypting sensible information with TLS (https protocol).


puremage111
Hero Member
*****
Offline Offline

Activity: 1568
Merit: 511


View Profile WWW
October 22, 2017, 03:59:55 PM
 #10

Before i giving my POV, to the answer of OP

1) Yes, MEW is hackable, but likely impossible at the same. Regardless of what, private key is still a combination of characters, it just the matter of time people spent to find the EXACT same characters as your private key.

My take here:

It seems that that hacker "only steal KICKcoins and ETH" from the account, one of the hacked account/perhaps its owner account here
https://etherscan.io/address/0xe34c1d62e02c7cf5f729f439b5c7b77faa59a688#tokentxns

As you can see this account has Everex which is worth $240
But only Kickcoins is withdrawn, The hacker Withdraw coins that doesn't even have a value currently.

So i suspect you clicked into some Hijacked Phishing Site. Once you upload your Priv key.
It auto access your account
Check Balance of ETH = True, Withdraw
Check Balance of KickICO = True, Withdraw

And based on what you have said, after transferring the hacked Kickcoin, they transfer it again to this address
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

Based on all these information, i strongly believe you clicked into one of the fake MEW Site.

Because if you actually take a look at this address: https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns
Then check the tab "Tokens Transfer"

You can see each of the coins, are transferred by different Ethereum Account.

If you actually join slack, you would know recently it has tons of fake bots which spread fake message and tons of people getting phished.

However, this is all just speculations.
This address: https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns could be someone else address, perhaps its an exchange or so. I doesn't have a good reverse tracking skills, but these is all what i can find

Just to check out, did you receive email, message or etc that stated your account is compromised, hijack or anything?
dunfida
Legendary
*
Offline Offline

Activity: 3262
Merit: 1158



View Profile
October 22, 2017, 07:57:09 PM
 #11

I have very serious concerns with the security, or the lack of security, of MyEtherWallet.

The only wallet I know of that will transact in ICO Tokens is MyEtherWallet. Every ICO I have ever come across says to use MyEtherWallet.

I have had problems using MyEtherWallet. I will access it with the information that only I have access to. There are times that my balance will not show. I have to come back later to access the wallet so I can see my balance.

Now, the 1.5 ETH and 3000 KICK Tokens I had in there look like they are gone. I have accessed Etherscan and both my ETH and my Tokens were withdrawn to this address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be

Etherscan: https://etherscan.io/address/0x88404e743442886f04443c2624917df46d2deef5

Ethplorer: https://ethplorer.io/address/0x88404e743442886f04443c2624917df46d2deef5

You can see that whoever this person is, they have grabbed many KICK tokens from many addresses: https://etherscan.io/address/0xf7860ea76a36ee83abb7f88d3c773f0440e178be#tokentxns

Also, you can see that the address the KICK tokens were withdrawn to has taken in tons of other kinds of tokens:
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

And, yes, I don't know if I should be posting this transactional information on here, but what does it matter? Everything has been taken out of my wallet.

Questions:

Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.

But, still, my ETH and Tokens are gone to that address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be And, I am guessing I have zero recourse. Is that correct? Can anybody just hack into something like MyEtherWallet and take your coin and tokens?

Thank you for your time and assistance with this. I appreciate it!
Sorry for you loss man and you cant do anything about on those coins once it been transfered then cant do anything about it and even you do said that you do made the security of your private keys you might entered or disclose  your keys which on hacker did able to access your wallet. Malwarebytes cant really detect anything.Its quiet odd that you still being hacked even you didn't logged in on those phishing sites but yet you are still being hacked.Did someone in your family do have access on your keys? This is one of the probability.

cioloxl
Full Member
***
Offline Offline

Activity: 238
Merit: 105



View Profile
October 22, 2017, 08:03:13 PM
 #12

There's nothing you can do. However, if I were you I'd wipe my computer clean or maybe have TRON script run (look it up on reddit) to search for possible keyloggers. MEW is as safe as it gets, the problem is on your end. From what I gather, since the people affected all seem to have KICK in common, I could imagine a scenario in which you visited a website for this ico that was fake. Or something along these lines. Happens more often than you think and it takes a great deal of care when dealing with these things.
millerfilm (OP)
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile WWW
October 23, 2017, 03:56:10 AM
 #13

Thank you for the replies.

Ethereum seems to be plagued by ponzi schemes, ripoffs, hacks, phishing, etc. Anything I do with ETH will be very low-cost, no more than small fractions of 1 ETH.

I really, truly do not think I clicked a phishing URL. I have been in the practice of typing in URL's directly, and more recently, doing cut and paste. I do the right-click for cut and paste, and make sure that the URL is correct when the site it joined. I am going through my links and making

Yes, Slack is a joke, in my opinion. Absolutely riddled with scams. Plus, the fact that they openly display their scam URL's, in bold type, no less, is quite interesting. If I had clicked on one of those, my sanity needs to be checked.

The positives to take away are that: 1.) I will avoid ETH as much as possible. And, 2.) I will do a hardware wallet for cold storage of any crypto.

And, I still think that using a Private Key for log in is strange, at the very least. I would still say it is dangerous.
millerfilm (OP)
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile WWW
October 23, 2017, 04:28:50 AM
 #14

Do you still have access to the computer you used to sign in to your MEW? If you have, can you review its history and look for the site you open which you think is MEW. Because if I'm not mistaken, you're likely to be a victim of a phishing attack and not aware that you've used a similar URL with that of MyEtherWallet.com. If this is the case, and you notice that you did use a phishing URL, then copy that URL and report it here: https://etherscamdb.info/report/. Include the screenshot of the wallet who stole your ETH and tokens and add whatever additional details you can impart to them so they can act and if possible, retrieve your funds.

Also, install this Chrome extension (if you're using Chrome for browser): https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn

This will give you a warning if the ETH address is used before for phishing activities or if it is blacklisted so you can avoid transacting with it or transferring anything to it.


Any possible URL's were gone since I do Clear Cache/Clear History every couple of days.

I did try that extension, and purposely clicked on one of those bogus Slack scam URL's. One was flagged, but one wasn't. I reported the one not flagged. I definitely ran a full Delete Cache/History/Cookies after that, and added the scam URL's to Block Cookies.

Thank you for your suggestions! I do appreciate them.
sxafir
Hero Member
*****
Offline Offline

Activity: 1022
Merit: 500


View Profile
October 23, 2017, 06:16:44 AM
 #15

I am using myetherwallet and no was hacked.
bundo
Full Member
***
Offline Offline

Activity: 308
Merit: 100



View Profile
October 23, 2017, 09:56:59 AM
 #16

This is for sure a matter of big concern. I thought MEW was very safe. Better to buy a Ledger NANO then?
My assumptions are just as you say

With MEW's system and expertise what might be hacked.Mew very safe

But the security if it has been burglarized assets that we save does not have any value again (zero)
dadandandadan
Member
**
Offline Offline

Activity: 86
Merit: 10


View Profile
October 23, 2017, 11:09:31 AM
 #17

I have very serious concerns with the security, or the lack of security, of MyEtherWallet.

The only wallet I know of that will transact in ICO Tokens is MyEtherWallet. Every ICO I have ever come across says to use MyEtherWallet.

I have had problems using MyEtherWallet. I will access it with the information that only I have access to. There are times that my balance will not show. I have to come back later to access the wallet so I can see my balance.

Now, the 1.5 ETH and 3000 KICK Tokens I had in there look like they are gone. I have accessed Etherscan and both my ETH and my Tokens were withdrawn to this address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be

Etherscan: https://etherscan.io/address/0x88404e743442886f04443c2624917df46d2deef5

Ethplorer: https://ethplorer.io/address/0x88404e743442886f04443c2624917df46d2deef5

You can see that whoever this person is, they have grabbed many KICK tokens from many addresses: https://etherscan.io/address/0xf7860ea76a36ee83abb7f88d3c773f0440e178be#tokentxns

Also, you can see that the address the KICK tokens were withdrawn to has taken in tons of other kinds of tokens:
https://etherscan.io/address/0xdee0cc222c5219ea79ca263beabdec5f9fc13dbc#tokentxns

And, yes, I don't know if I should be posting this transactional information on here, but what does it matter? Everything has been taken out of my wallet.

Questions:

Is MyEtherWallet that vulnerable to hacking?

I carefully safeguard my access information to MyEtherWallet. No one else has access to it. I only log on directly to http://www.myetherwallet.com. I subscribe to MalwareBytes, which is easily the most robust protection I have ever used. I do not click on third-party links or email links for financial sites.

But, still, my ETH and Tokens are gone to that address: 0xF7860ea76a36Ee83abB7F88d3C773f0440e178be And, I am guessing I have zero recourse. Is that correct? Can anybody just hack into something like MyEtherWallet and take your coin and tokens?

Thank you for your time and assistance with this. I appreciate it!
I think there is someone who khow your private keys or its a hacker that are been observing you for a long time and waiting for the right time to grab all of your coins. Maybe it is someone you know, This is just my opinion I hope it will help

mela65
Sr. Member
****
Offline Offline

Activity: 1232
Merit: 342

Best Crypto / Online Casino Writing Services


View Profile
October 23, 2017, 11:59:07 AM
 #18

Sorry for your loss, one of my friend also got his 30k $ stolen. There is a warning on mew website, should it be about it ? Because I've been hearing a lot about this lately.
Trofo
Legendary
*
Offline Offline

Activity: 2660
Merit: 2703


Join the world-leading crypto sportsbook NOW!


View Profile
October 23, 2017, 04:11:53 PM
 #19

I am using MyEtherWallet for some time now and I believe that for normal uses and purposes they are practically completely safe. To the best of my knowledge all the cases of missing funds from MEW wallets has been due to user error. I know it sounds harsh but I consider all successful phishing attacks as user errors.

That being said next time I check my wallet I will probably find it empty :=)

Few tips which cannot hurt:
1. Private keys are private. Don't share them ever!!!
2. Use at least 2 wallets. One for access to airdrops and day trading and the other as cold storage.
3. Please don't use PC with cracked versions of windows or other software for wallet creation. Use some well known and tested linux distribution or original clean installation of windows.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
AIRDROPSQUAD
Member
**
Offline Offline

Activity: 252
Merit: 11

PLAYHALL - SKILL GAMING PLATFORM


View Profile
October 23, 2017, 04:22:04 PM
 #20

Sorry for your loss dude. Shitty things always happen anytime. Next time, avoid to using private key to login if not very urgent. Just check it you balance using another web explorer like https://ethplorer.io/ or etherscan.

Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!