Hot search keywords

Hot search keywords

524 ETH in MyEtherWallet Are Hacked in DNS Attack

MyEtherWallet (MEW), the most popular ethereum wallet, has been hijacked in a DNS (Domain Name System) attack at around 21:00 p.m.(GMT+8) of April 24. Massive users were reporting their loss.

The issue was first revealed on Reddit by a MEW user, who thought he got scammed/ phished/ hacked.

Noticing the odd connection certificate, he triple checked the url address, “even though every part of my body told me not to try and log in, I did. As soon as I logged in, there was a countdown for about 10 seconds and A tx was made sending the available money I had on the wallet to another wallet -0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29″.


Later some more users also reported their ETH loss. It is estimated that 524 ETH has been hacked as of press time. They are suspected to be withdrawn into two addresses as following:

  • 0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29
  • 0xf203a3B241deCAFD4BdEBBb557070db337d0Ad27

The IP address of which was confirmed to be in Russia by some reddit users, but there was also reddit user claiming that the WHOIS organisation is in Russia but the person on the records is in Ukraine.

First threats from North Korea hackers, and now Ukraine. According to an interview with an anonymous hacker reported by 8BTC, 99% hackers have kept their eye on cryptocurrency. The hacker said it was estimated that in the second half of this year, a dark industry chain would be completely formed, by then 99% of users would fall into insecurity.

MyEtherWallet soon dropped an official tweet confirming its veracity, and made clarification that Amazon’s DNS servers were hijacked which affected MEW and claimed everything’s back to normal now with an anti-phishing guide included.




The incident triggered massive discussions in the community, as a top one read, “this is why crypto is still bullshit for adoption.”

Another user responded that “this type of attack is not unique to crypto. DNS hijacking has happened to banks as well. Even local versions of Google, Paypal and Microsoft have been hijacked before.

“Never use your keys on ANY site. That is the whole issue…”, quoted from a user.


Please sign in first