MyEtherWallet, one of the most popular Ethereum (ETH) wallets, alerted its users that, in case they’ve used the Hola VPN service that works as a Chrome extension to access their portfolio, their funds may be compromised.
The MyEtherWallet (MEW) development team asked their users to transfer the funds stored in their wallet if they had used the Hola VPN service within the last 24 hours. That although their platform was not compromised, but they assume that the attackers still have access via the before-mentioned VPN. According to them, Chrome’s extension may have been the victim of malware for five hours in an attack aimed at logging wallet activity to steal funds.
The vulnerability exploited by the attackers occurred hours after the last update of Hola VPN, released yesterday, and according to MyEtherWallet, the attack was registered from a Russian IP address.
Some Reddit users complained their wallets were hacked even though they had not used Hola VPN
The developers also reminded their users that MEW “does not have any personal data, including passwords,” so their users can be sure that hackers will not get any information if they did not use the VPN. However, the extent of the attack is unknown at this time, and some Reddit users claim to have been hacked without using Hola VPN.
It is important to note that this is the second attack MyEtherWalletexperience in 2018, after the incident on May 24th, when the devs presumed that during the hours of the attack hackers had the opportunity to manipulate the Ethereum (ETH) wallets. According to official statements, MEW suffered the hijacking of some DNS servers that were redirected for hours to a phishing site.
In October 2017, it was the first time when MEW was the subject of a phishing operation in which more than $15 million in Ethereum (ETH) got stolen. However, the attacks MyEtherWallet has suffered in recent months have not been directly linked to vulnerabilities in the wallet code but to its associated services and phishing.