Attack on MyEtherWallet – The day after

Yesterday we reported live about an attack on the users of the site MyEtherWallet (MEW). Meanwhile the hustle and bustle has subsided. What happened? How can you protect yourself?

The MyEtherWallet website offers its users the opportunity to interact with the Ethereum block chain. This means that you can interact with Smart Contracts, for example to participate in an ICO that expires as an ERC20 token. MEW is regarded as one of the contact points on the Internet for these purposes.

Man-In-The-Middle attack on MEW

All the more dramatic were the messages that spread like wildfire through the Internet yesterday: “Attack on MyEtherWallet! Do not use for the time being”. The attack started at about 12 UTC and lasted about two hours.

It was targeted specifically at MyEtherWallet and users had to fear for their Ether (ETH). The attacker used for his purposes BGP a protocol to route Internet traffic between Internet Service Providers (ISP). He used it to redirect traffic to his own DNS and the users to a fake website.

The attack was therefore a classic “Man In The Middle Attack” – a technology that was decades old. The vulnerability was not due to MyEtherWallet, but to the known vulnerabilities of BGP.

Cypherpunk legend Nick Szabo took the opportunity to point out the vulnerabilities of Web Wallets. If you want to keep your money safe, you should definitely not do this online.

This way you can protect yourself

For the security of your own money, there are two – relatively simple – steps:

Always make sure that the SSL certificate to the left of the URL bar is green. If the certificate is red and crossed out, it is a compromised website.
Install MyEtherWallet locally on the computer and run it from there. MEW is a browser application, which means that MEW can also be accessed via the browser of your choice during a download. However, you can be so sure that you will not be redirected to a third website by a malicious attacker.