The MyEtherWallet, a wallet for holding cryptocurrencies, has just been hit with a DNS hack resulting in some people losing their valuable cryptocurrency holdings – exposing larger vulnerabilities to phishing attacks within the internet’s system for routing and delivering data.
The attack raises a couple questions: What is a cryptocurrency wallet? What is a DNS hack? How can this influence me if I haven’t got a cryptocurrency investment?
First, everyone on the internet is vulnerable to phishing attacks – where cybercriminals redirect victims to fake websites to collect their private information.
Second, this specific attack is believed to be a combined hit on the DNS and Border Gateway Protocol (BGP). The DNS (Domain Name System), as the phone book of the internet, links domain names to the correct IP addresses and BGP is a more complex system that directs actual internet traffic.
Think of this as a virtual game of “Postman” with people sitting around the kitchen table where one person whispers the full sentence, the second person repeats the sentence, and so on. But here we have someone wiggle uninvited into the game, change the sentence, and send the message to the wrong person. And the loser, in this case, doesn’t just get sent away from the table, losses in this MyEtherWallet case are estimated at $150,00 up to $365,000.
Just like in “Postman,” the players are now trying to figure out where and what went wrong. Also, since there are several layers of DNS involved, blame and/or responsibility will be flying in several directions. MyEtherWallet is pointing out that it was not their servers which were hacked. Amazon has also pointed the finger past their AWS and Amazon Route 53 to an unnamed upstream Internet Service Provider (ISP).
This problem, as a long-term vulnerability in how the internet is built, is not going to go away anytime soon.
The best response is to follow MyEtherWallet’s directions for all of your internet activities, especially when it comes to personal data or financial information. So if you read the following advice, don’t just use it for “MyEtherWallet Inc”, use it for every page you ever visit:
Users, PLEASE ENSURE there is a green bar SSL certificate that says “MyEtherWallet Inc” before using MEW.