MEW DNS hack report

[asere]

Hi,


Me too was a victim of this hack.
Actually I agree its not a real hack but a DNS exploit that along my carefulness about the SSL warning led to my account being robbed.

The thing I want to stress out is the fact that its known who invaded my account and stole my coins.
Its on a public ledger and his address is known.

Actually the fucker has this address https://etherscan.io/address/0x4b688d297e3b4f3359f8ab9883ebaf300fc01497

My questions are:

1. Shouldn't WE ,as a community, have a place where these fuckers are reported/banned.

2. How can this fucker be identified? At some point he will use this address to send the coins to an exchange for FIAT conversion or for trading.
    Then he is identifiable(?)

I know its my mistake for being careless with my surfing habits and I will not see these coins again,
but more important than my money is to save others from this...and to make the use of cryptos better.

Any thoughts on this is appreciated.

Peace

[1715556900]

1715556900

[1715556900]

1715556900

[1715556900]

1715556900

[Ekosistim]

maybe we cant count anymore how many victim by this problem, so for secure our assets its better to use metamask or ledger i think.

[lucian999]

there are many hackers who want to hack the mews so double remember one of their modes is to sign up on the links or airdrops and telegram so avoid doing so just do not sign up for the first try before signing up for no Get the best you can with your mew

[asere]

maybe we cant count anymore how many victim by this problem, so for secure our assets its better to use metamask or ledger i think.

I was using Metamask!
So I guess thats not where the problem is.

[Quincy01]

I am so sorry to hear this sad experience with your stolen tokens, it is really sad because my friend was also robbed by theses hackers two weeks again and up to this moment he is still in that shock and sick of the entire system. My opinion here is that the MEW support team should upgrade there software in such a way that before any transaction flies through, there should be some level of verification that needs to be done and they should tighten the security of the system because it is too porous, thousands of people are crying over this issue and they just can't keep quite about it.

[marks1976]

Hi,


Me too was a victim of this hack.
Actually I agree its not a real hack but a DNS exploit that along my carefulness about the SSL warning led to my account being robbed.

The thing I want to stress out is the fact that its known who invaded my account and stole my coins.
Its on a public ledger and his address is known.

Actually the fucker has this address https://etherscan.io/address/0x4b688d297e3b4f3359f8ab9883ebaf300fc01497

My questions are:

1. Shouldn't WE ,as a community, have a place where these fuckers are reported/banned.

2. How can this fucker be identified? At some point he will use this address to send the coins to an exchange for FIAT conversion or for trading.
    Then he is identifiable(?)

I know its my mistake for being careless with my surfing habits and I will not see these coins again,
but more important than my money is to save others from this...and to make the use of cryptos better.

Any thoughts on this is appreciated.

Peace

1 Since the crypto can be considered as psudonymous and there is no way to report them. This mean if that will be useless.

2 these hackers get secured by the algoritm that has been implemented in the crypto currency and they can't be identified as far as i know. n

[asere]

-why the MEW is at all available to anyone when  he is so risky?
-Is it so hard to make a verification before the transaction?
90 percent off people who have experienced this will never again touch crypto!

Agree on both statements!

... there should be some level of verification that needs to be done ...

I agree second level verification is a must.

1 Since the crypto can be considered as psudonymous and there is no way to report them. This mean if that will be useless.

2 these hackers get secured by the algoritm that has been implemented in the crypto currency and they can't be identified as far as i know. n

You identify yourself when you seek the connection to a bank for fiat transfer.

But concider this:
If the same address is repeatedly reported as a thieve-address and is banned on the public ledger then the funds that it holds would become inactive/burned.
This is fair and would be a nice addition to any blockchain.

Actually there might exist a blockchain that would rate addresses (eventually the person behind an address) and sort them in a list as reliable/not reliable

[butka]

I was using Metamask!
So I guess thats not where the problem is.

Yes, metamask is more secure and not susceptible to attacks of this type. It is important to stress that MEW's website wasn't hacked. It was a public DNS server that was hacked (Google’s DNS in fact), which then led to people landing on the wrong IP (attacker's sever rather than the MEW's server).