Myetherwallet gets fucked

coindesk.com/150k-stolen-myetherwallet-users-dns-server-hijacking/

"Couple of DNS servers were hijacked to resolve myetherwallet.com users to be redirected to a phishing site. This is not on @myetherwallet side, we are in the process of verifying which servers to get it resolved asap."

Attached: dns.png (767x497, 507K)

Other urls found in this thread:

twitter.com/myetherwallet/status/988830652526092288
github.com/MyEtherWallet
twitter.com/SFWRedditImages

sheeeeiiit

fuck

Fuck i wish i was that smart

MIST WALLET BUGGY POS MASTER RACE

(((Google DNS)))

I hope you’re smarter than this, user.

twitter.com/myetherwallet/status/988830652526092288
"⅗ Majority of those affected were using Google DNS servers. Affected users likely clicked the "ignore" button on the SSL warning that pops up when visiting a malicious site imitating MEW. MAKE SURE there is a green bar SSL certificate that says “MyEtherWallet Inc [US]”

pretty sure you have to be a moron to ignore a ssl warning

>pretty sure you have to be a moron to ignore a ssl warning
if you've worked customer service you know there's a fair amount of morons in the world. that's why institutions are coming in - to manage crypto (which is meant to be self managed) for morons.

Brainlet here. Just want to make sure I'm understanding and no one swipes my stuff from MEW.
1) when logging in to MEW (or any other site with my coins, e.g. binance) should see on the address bar BEFORE the url, green padlock icon and Myetherwallet [US] before https: (also in green)

2) Use hardware wallet

So, for those who fell victim to this hack, would they have been any safer if they had been using a hardware wallet?

Be safe, bizbros. Thanks.

Stop using this piece of shit web interface wallet. No other crypto community besides ETH endorses this retarded shit. Use the Mist wallet and threaten Vitalik at gunpoint to actually pay people to develop things.

Again?

I want a report on what coins were stolen so I can avoid shitcoins bought by idiots.

Is Metamask safe?

Aaaand that's why you use Cryptonite.

>No other crypto community besides ETH endorses this retarded shit

No other crypto community besides the biggest community of all, e.g. eth plus all tokens on the eth blockahain.

Literally using any desktop wallet would've prevented this. No possibility of uploading your private key to a swanky third party website.

> if you've worked customer service

Makes you realize society's safety net is too safe.

>Literally using any desktop wallet would've prevented this.

thanks, but a few questions
1) I use MEW not just for Eth but for a bunch of ERC 20 tokens that don't have their own desktop wallets
2) If someone had logged into the fake site using a ledger, would they have been protected? With ledger the private key stays on the device, right? So the scammers wouldn't have been able to get the key?

Are you serious?

If these idiots can't comprehend their browser warning them not to continue due to SSL, but they continue anyways. What makes you think these same morons aren't downloading BITCOIN GENERATOR VERSION 3.0 from YouTube?

yeah a ledger would be 100% safe. It's why I don't really care about news like this, no one intelligent should lose money

Bro. You can manage erc20 tokens in Mist.

I cold storaged my keys after I generated them.

>syncing 200 GB of data
no thank you

>yeah a ledger would be 100% safe.
thanks for reply.

>It's why I don't really care about news like this, no one intelligent should lose money
In the short term I take your point, but in the long term this type of thing is, I think, going to be a huge barrier to adoption.
OTOH it also seems like a market opportunity for someone to step in and develop tech to protect folks from being hacked like this.

> taking over a DNS server
> scammers

Scam: A confidence trick is an attempt to defraud a person or group after first gaining their confidence, used in the classical sense of trust.

Was no trick, as the browser warned them not to continue.

> take over a DNS server
> hacker taking advantage of stupid people

That's more like it.

1. ERC 20 is saved into your ETH address and recognized by the network anyways. Which means you can have a ETH wallet, just can't access your shitcoins directly.
2. Ledger is trash as it has been hacked multiple times that it's not even funny.

Smartest way is encrypted paper wallet, dat files backed up and encrypted on two forms of storage and to leave all three in separate places.

Wtf is wrong with you brainlets?

Mist supports light nodes. Sure sometimes you have to wait 20 minutes for it to find a node with capacity but it eventually works.

Have literally none of you used a desktop wallet before?

I've never needed to sync for more than maximum a couple of minutes.
Mean sync time

oh ok, didn't know that. Last time I used mist was about a year ago, it was fucking awful so I never used it since

> relating year old information to the present

You sure you're not a boomer?

Mist is still fucking awful but it's pretty much the only option.

I'm still fucking confused how ETH got to #2 market cap. Vitalik refuses to pay devs to develop Mist so the official wallet has been garbage for literally this long.

This market is a joke, still making money tho.

Strong reminder to always go through the Github pages website.

At worst it's security by obscurity.

user, can you explain for a brainlet?
do you mean,
1) goto github.com/MyEtherWallet
2) click on link to myetherwallet.com from there?

sorry for retardation but scared as fuck that I'm going to get tripped up one of these days and lose my shit.

Also, in theory couldn't someone pull the same shit with the github page and hack dns servers and make a fake one of those pages? Or is that vanishingly unlikely?