VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
After logging in to the website for 10s, the user's wallet is emptied, the hacker hijacks the DNS server, and the user logs in to MyEtherWallet to force a redirect to the malicious website. The user was forced to redirect to a malicious website when logging in to MyEtherWallet. Attack method (per SlowMist): DNS hijacking. Reported loss: $ 13,000,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- MyEtherWallet
- bug_class
- infrastructure
- date_occurred
- 2018-04-25
- loss_usd
- $13,000,000
- source_id
- sm:myetherwallet::2018-04-25
Related — same bug class· infrastructure