Compromised public DNS server allows to steal 152.000 dollars

On last April 24, cybercriminals compromised a couple of DNS servers with destination to MyEtherWallet.com, an Ether cryptocurrency wallet web-based site. They redirected all the web traffic to a fake portal that replicated the original.

MyEtherWallet.com detected the phishing 15 minutes after the attack started and warned through social networks to the users. During this time, cybercriminals stole 216.06 Ether cryptocurrency, about 152,000 dollars.

MyEtherWallet.com admins investigation determined that their DNS servers hadn’t been compromised and the attack was through some public DNS Server.