Unknown hackers have breached MyEtherWallet around the same time as the Bancor breach. The attack on MyEtherWallet (MEW) was carried out using a fraudulent version of the popular Hola VPN. The attackers were able to compromise Hola’s Google account and upload a fraudulent Chrome extension for the Hola VPN to the Chrome store. The fraudulent VPN tracked users’ online activity and was used to compromise several MEW wallets. MEW advised their users that if they had installed the Hola extension and accessed their MEW wallet at any time, that they need to transfer their funds to a new wallet for their own protection. A spokesman for MEW also indicated that the attack appears to have originated from IP addresses located within Russia. Hola has since regained control of their Google account and has removed the Chrome extension. It is unknown how much money was compromised in the attack. With the timing of this attack on Ether Coin and the attack on Bancor, it is possible that these attacks are related.
Analyst Notes
When giving an assessment our Intelligence Specialists will use the following terms to describe the probability that the assessment will be proven true. Possibly indicates that there is a 60% or better chance that the indicated action will take place. Probably indicates that there is a 75% or better chance that the indicated action will take place. Likely indicates that there is a 90% – 99% chance that the indicated action will take place. No assessment will ever be given by Binary Defense Systems Threat Intelligence Team with 100% certainty as there are always going to be variables that cannot be accounted for.
