THELOGICALINDIAN - A affected adaptation of the Hola VPN was uploaded to the Google Play Store on July 9 which compromised MyEtherWallet MEW for those who downloaded it MEW user action and passwords were apparent to the hacker for users who downloaded the app aural the bristles hours it was alive as they were directed to a affected website
Hola VPN Hacked Exposing User Activity
Hola VPN’s Google Chrome Store annual was compromised, which accustomed a hacker to upload a adapted adaptation of the Chrome extension. The affected addendum was programmed to ‘phish’ advice about MEW accounts by re-directing the MEW users to the hacker’s website.
Hola said, in a blog post: “Immediately aloft acquirements about the incident, we set up a CyberSecurity acknowledgment aggregation to investigate the incident. We additionally took actual emergency accomplish to anon alter the extension, defended the developer’s account, and to adviser versions on a connected base to ensure this does not recur.”
Urgent! If you accept Hola chrome addendum installed and acclimated MEW aural the aftermost 24 hrs, amuse alteration your funds anon to a cast new account!
— MyEtherWallet | MEW (@myetherwallet) July 10, 2018
“We are now free the ambit of the compromise, and administering an appraisal on accomplish that can be taken to advice anticipate such an adventure from occurring in the future. We will allotment the allegation from this assay with the ecosystem to advice ensure a safer Internet environment.”
Users may accept been afflicted if they had the addendum installed while the affected addendum was on the app abundance and logged into MEW after actuality in anonymous mode. Hola brash users to change passwords and alone log into wallets in anonymous approach area “code bang is not possible.”
MyEtherWallet tweeted: “Urgent! If you accept Hola chrome addendum installed and acclimated MEW aural the aftermost 24 hrs, amuse alteration your funds anon to a cast new account! We accustomed a address that suggests Hola chrome addendum was afraid for about 5 hrs and the advance was logging your action on MEW.”
MEW told TechCrunch that the advance appears to be from a Russian-based IP address. MEW said that they do not abundance users’ claimed data, including passwords, which agency that hackers did not get authority of such advice unless they interacted with the affected Hola addendum on July 9.
Fake MEW Apps Claim 8,000 ETH
There are a aerial cardinal of affected MEW websites which accept scammed users for amounts up to 515 ETH according to a database by CryptoPolice. In total, these websites accept scammed over 8,000 ETH from biting users. CryptoPolice encouraged all users to “be added alert and consistently analysis the area names.”
Users accept additionally been warned of downloading affected apps that accomplish themselves attending like the official app. Malware Researcher Lukas Stefanko reported a affected MEW app on Google Play Store on July 9. He said that the app “leaks user database with clandestine keys.” He additionally said, on Twitter, that there are 15 apps with added than 400,000 accumulated downloads which can download added agreeable and affectation and bang on airy ads.