Reports are coming from across the globe that claim that bad actors have taken control of the DNS registry of popular Ethereum blockchain interface and ad-hoc ERC-20 wallet MyEtherWallet (MEW) and is siphoning tokens.

Originally brought to light in a reddit post, an affected user described being connected to the MyEtherWallet website through an uncertified certificate. After proceeding to login despite security warnings, the user reported having all of the ETH tokens stored in their wallet removed just seconds after, transferred to this wallet address.

DNS servers are the protocol responsible for translating domain names such as myetherwallet.com into IP addresses.

In this instance, it appears that the MyEtherWallet domain on Google’s Public DNS listing has been replaced with an IP address based in Russia that hosts a malicious version of MyEtherWallet, designed for the phishing of users private keys.

As this story is developing and ongoing, CryptoCoinSpy recommends to avoid using MyEtherWallet until the problem is resolved.

Image From Shutterstock