Users of MyEtherWallet lose around $152,000 worth of ether due to wallet's DNS servers hack.
Representatives of MyEtherWallet have already confirmed that a number of DNS servers have been replaced by unknown hackers for redirecting users to a phishing site. They also added that the problem arose not on the side of the service and at the moment they are trying to identify problem servers and resolve the situation.
Affected users used Reddit to report on the hack.
Went on to myetherwallet and saw that myetherwallet had [an] invalid connection certificate in the corner. As soon as I logged in, there was a countdown for about 10 seconds and A tx was made sending the available money I had on the wallet to another wallet '0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29.' I have no idea what happened.
rotistain at Reddit
Developers gave their advices.
Do not use myetherwallet.com if you're using Google Public DNS (126.96.36.199 / 188.8.131.52) at this moment. It seems these DNS servers are resolving the domain to a bad server that CAN steal your keys!
Lead developer, BlockBits. io
The official statement of MyEtherWallet said that the problem affected only those who used DNS-servers from Google. The service strongly encourages all users to use the server from Cloudfare.
Representatives of the resource also reminded users about the basic security rules: checking the SSL certificate, preferring the use of an offline copy of MyEtherWallet, storing crypto currency on hardware devices. In addition, they asked users to ignore scammers offering free distribution of ETH tokens.