MyEtherWallet has developed from a small project to a full-fledged company. Last week, this wallet service provider was targeted by an elaborate phishing attack that led to 216 ETH being stolen. The founder promised the victims that it would compensate their losses if “it was our fault”.
Tuesday’s Phishing Attack
As regards to how the theft happened, founder Kosala Hemachandra said in a Finance Magnates interview: “In layman’s terms, someone broke the internet to phish MyEtherWallet”. Basically, a major server was hacked so that users who entered on MyEtherWallet’s site were sent to a fake duplicate site.
“For two hours, all the [MEW] traffic that goes through Amazon servers was redirected to a server in Russia,” said Kosala. The problem occurred “within the core system of the internet structure.”
“We can only mitigate, and we can only make it harder for people to do things like this, but I honestly don’t think there’s a hundred-percent complete fix that will come out within the foreseeable future,” he explicated.
He said that at the time when the interview was taken, no police officials had been implicated in the phishing case.
Though, MyEtherWallet has started looking for preventive measures for similar incidents that might happen in the future. “I’m talking with security researchers. This shouldn’t be happening–like, this is way bigger than MyEtherWallet. It can happen to any website out there.”
“I’m pretty sure at some point in time, there will be some investigations. I can either personally get involved or someone will start an investigation on what exactly happened, and how to prevent it, and who the responsible groups are. But as of now, I’m not aware of anything that’s going on” said the founder regarding legal actions and police involvement.
Momentarily, the users who had their funds stolen will not be reimbursed. The founder argued that “because all of the affected users went through a security warning when they went to MyEtherWallet.com saying ‘hey, this security certificate is invalid, do you still want to proceed?’”
Kosala said that he is certain that even more loss would have occurred if the warning hadn’t been displayed. “I think most of our users were clever and they didn’t continue to MyEtherWallet” dues to the instructive measures that MEW has applied.
However, “we are gathering more information from users on exactly what happened–what they did, and how it looked like, and all that information. [Reimbursing] is not something we’re planning to do because of all these things that happened, and they did get a warning. But, yeah, if the community reaches out to us and they think that it’s our fault in a way, that’s something we can look into for sure.”
MyEtherWallet’s founder advises its users to be extra careful when navigating the crypto space and listen to their instincts. Indeed, as the value of cryptocurrencies has increased, the number of attacks have also multiplied at rampant speeds. Make sure you always proceed with caution when trading, as threats lurk at every corner.