Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

On 25/04/2018 08:29, Hank Nussbacher wrote: > On 24/04/2018 21:35, Fredrik Korsbäck wrote: > >> TLDR; So it seems that AS10297 (some small hostingprovider in the US) >> suddenly started to announce de-aggregated AWS >> IP-space, containing quite alot of Route53 infrastructure, put up resolvers

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

On 24/04/2018 21:35, Fredrik Korsbäck wrote: > TLDR; So it seems that AS10297 (some small hostingprovider in the US) > suddenly started to announce de-aggregated AWS > IP-space, containing quite alot of Route53 infrastructure, put up resolvers > on their own on the hijacked IP-space and >

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

Is MyEtherWallet really doing 500k/hr in business though? > On Apr 24, 2018, at 2:35 PM, Fredrik Korsbäck wrote: > > Aloha. > > Surprised this hasnt "made the news" over at this list yet. > >

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

On Tue, Apr 24, 2018 at 10:22:19PM +0200, Fredrik Korsbäck wrote: > Id take it that 15169 accepted the prefix for some reason over a > bilateral peering-sesssion (to the best of my knowledge the equinix > routeservers does indeed do filter, but please correct me on this one) > with 10297 and hence

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

On 4/24/2018 1:35 PM, Fredrik Korsbäck wrote: Surprised this hasnt "made the news" over at this list yet. In the old days, the list membership would have noticed the hijack. BGP hijacks used to be a somewhat popular topic, but like spammer chasing, I think everyone grew bored of it and the

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

Well there is quite abit of data around that particular server. So it definitely happened. https://twitter.com/GossiTheDog/status/988873775285460992 This tweet is a good start. The server answer to me right now and google safe browsing has flagged it as well for being insecure (no the regular

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

On Tue, Apr 24, 2018 at 08:35:17PM +0200, Fredrik Korsbäck wrote a message of 28 lines which said: > Surprised this hasnt "made the news" over at this list yet. It may be also because NANOG email is handled by Google, who broke its antispam: : host

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

"that depends". we for sure know that 150K or so got immediately snatched of the bat, but how much more wallets is at stake? no one knows. What is known however is that they are trying to deploy smokescreens with tons of transfers moving ETH around wallets and all seems to be ending up sooner

The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

Aloha. Surprised this hasnt "made the news" over at this list yet. https://doublepulsar.com/hijack-of-amazons-internet-domain-service-used-to-reroute-web-traffic-for-two-hours-unnoticed-3a6f0dda6a6f https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/2teeVLJ44RM/Yqk5GHSpCQAJ