Almost $16,000 stolen in Ethereum wallet attack

Myetherwallet.com attacked by hackers sending phishing emails, but criminals quickly unveiled by ethical hacking expert 
26 October 2017

The phishing campaign was uncovered by Wesley Neelen, a Dutch IT infrastructure security researcher who has worked as an ethical hacker in several organizations for 6 years. He received an email from the criminals at a unique email address known only to a limited mailing list, and decided to investigate further. The malicious link in the email led to a fake version of the Myetherwallet.com website. Little did the cybercriminals know that they had targeted a hacking expert.

Those who clicked the link were shown information about the upcoming Ethereum hard fork and asked to enter their private keys to unlock their accounts. The private keys and passwords were later used by the hackers to steal all the coins from the victims’ wallets.

Wesley Neelen stated that although the fake website was designed to look exactly like the original site, he noticed that the address of the fake website contained a small comma beneath the “t”: the cybercriminals had used a Unicode trick to register such domains.
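The Unicode trick described above can be checked for mechanically before a link is trusted. The following is an added example, not code from Neelen or from the article. It assumes `myetherwallet.com` as the protected domain, and the lookalike host is constructed from the article's description (the letter "ț", U+021B), not taken from the campaign itself.

```python
import unicodedata

PROTECTED = {"myetherwallet.com"}  # the legitimate site named in the article

# Constructed sample: the real name with one "t" replaced by U+021B
# (LATIN SMALL LETTER T WITH COMMA BELOW). Not the campaign's actual address.
SAMPLE_LOOKALIKE = "myetherwalle\u021b.com"


def to_unicode(domain):
    """Decode punycode (xn--) labels so the check sees the real characters."""
    labels = []
    for label in domain.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # undecodable label: keep it as received
        labels.append(label)
    return ".".join(labels)


def skeleton(domain):
    """NFKD-decompose and drop combining marks, so U+021B folds to plain 't'."""
    decomposed = unicodedata.normalize("NFKD", domain)
    return "".join(c for c in decomposed if not unicodedata.combining(c))


def check_domain(domain):
    """Return (verdict, list of non-ASCII characters found) for a host name."""
    uni = to_unicode(domain)
    if uni in PROTECTED:
        return "legitimate", []
    odd = [f"U+{ord(c):04X} {unicodedata.name(c, '?')}" for c in uni if ord(c) > 127]
    if skeleton(uni) in PROTECTED:
        return "lookalike", odd
    return ("non-ascii" if odd else "unrelated"), odd


if __name__ == "__main__":
    for host in ("myetherwallet.com", SAMPLE_LOOKALIKE, "example.org"):
        print(host, "->", check_domain(host))
```

Folding by decomposition only catches accented lookalikes such as this one. Letters borrowed from other scripts do not decompose to Latin, so they are reported as "non-ascii" here and need the Unicode confusables data to be matched to a protected name.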

Neelen found out that some people had already fallen victim to the scam, as he found a file that contained a list of all the wallets stolen by the hackers.

Security experts determined the total amount stolen to be $15,875.65 in Ethereum, which the hackers were able to withdraw from the accounts in only two hours.

Potential Vulnerabilities Found in ETH 2.0

Least Authority has found potential security issues in the network's P2P interaction and block proposal system
26 March 2020

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, there is currently no large ecosystem in the world that is based on PoS and uses sharding, so it is impossible to accurately assess the prospects for system stability.
The information security experts also emphasized that the specifications did not pay enough attention to describing the P2P network level and the system of records about Ethereum nodes. Vulnerability risks were also observed in the block proposal system and the messaging system between nodes.

Experts said that in blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will enter the blockchain, and this leads to the risk of data leakage. To solve the problem, the auditors suggested using the "Single Secret Leader Election" (SSLE) mechanism.

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a "malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.