The open-source financial market services tool MyEtherWallet (MEW) was exposed to a Google DNS hack. Social networks and other crypto discussion boards have recently exploded with dozens of reports on the fact stating that their virtual coins have been stolen from MEW accounts.
Published by a Reddit user on April 24, the post said that 0.09 ETH (around $65) had been hijacked from a MEW account. There was no doubt that the owner of the wallet had become a victim of a cryptocurrency scam that involved a DNS exploit. He mentioned that he had ignored the notification claiming the insecurity of a website. Sure, it was not a regular thing for MEW, but the user paid no attention to it and filled his details in. In less than 10 seconds, the digital currency was gone.
At the time the post above was created, many other people shared the same trouble on their profiles on various media. By now, it was discovered that all crypto coins went to one certain account:
As it turned out, over $150,000 in Ether went missing to this address. Given this highly unpleasant event, Etherscan has titled the account as “Fake_Phishing899”.
It is worth mentioning, that this is not the first time such a DNS exploit scam has been conducted on the platform related to ethereum. Hackers made a successful attempt to hack Etherdelta in December last year. Most experts see this situation as the result of the availability of only one point of failure which causes the vulnerability of the whole fintech system.