MyEtherWallet has been hit by a DNS hijacking attack that redirects users to a phishing site designed to steal private keys.
The incident was spotted by users first, who took to social media to complain. MyEtherWallet quickly confirmed the hack on Twitter saying:
“Couple of DNS servers were hijacked to resolve myetherwallet.com users to be redirected to a phishing site. This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap.”
According to CCN, the hacker appears to have stolen around 215 ETH ($142,734.20 or £102,215.30) over several hours, with a single user losing 85 ETH worth around $60,000.
This wallet has been implicated in the attack, and has been linked to previous scams.
This is not the first time MyEtherWallet has been wrapped up in a malicious scheme or two, with last week seeing a honeypot scheme posted to the MyEtherWallet chatroom and resulting in $300 of ETH stolen from unsuspecting users.
Google was also heavily criticised for allowing bad copies of the app to remain on the Google Play store, continuing to fool users and collect their private keys to drain their funds.