Is MyEtherWallet Secure?
MyEtherWallet (MEW) is simply a escaped and open-source interface for Ethereum and ERC20 tokens that allows users to straight interact
with the Ethereum blockchain with conscionable their web browsers. It among the astir fashionable sites for creating and managing Ethereum wallets, but is it safe??
Recently, MyEtherWallet was deed with an onslaught that redirected immoderate of its servers to a malicious phishing tract successful Russia, draining the wallets of unsuspecting victims who utilized MEW during the hours of the hack. This near galore users to question the information of MyEtherWallet and whether they should proceed to usage it successful the future.
So, should you proceed to usage MEW?
To reply this, we volition archetypal explicate however MyEtherWallet operates. Creating a MEW relationship volition make a nationalist cardinal and a backstage key, neither of which are ever stored connected the MyEtherWallet site.
It is the sole work of the idiosyncratic to backmost up their keys successful a harmless and reliable spot (offline). The idiosyncratic tin past entree and nonstop their ETH done hardware wallets (TREZOR, Ledger Nano S) oregon straight with backstage keys, mnemonic phrases, oregon keystore files.
Through an exploit successful Amazon’s “Route 53” hosting system, the hackers were capable to intercept DNS requests for myetherwallet.com to marque their ain server look to beryllium the rightful proprietor of the address. From there, they were capable to redirect postulation to their ain “MyEtherWallet” clone site, wherever victims handed implicit their backstage keys and effect phrases reasoning that they were connected the existent MEW site. Fortunately, MyEtherWallet identified the hijacked servers and rapidly rectified the issue, and lone a fewer 1000 dollars worthy of ETH was stolen.
Accessing your wallet with a backstage key, keystore file, oregon mnemonic operation leaves you susceptible to these kinds of attacks. If you hap to onshore connected a phishing tract done nary responsibility of your own, you volition unknowingly present afloat power of your relationship to the hijackers.
The astir unafraid mode to entree your MEW account, by far, is with a hardware wallet. Hardware wallets enactment arsenic a maestro key, and diagnostic added layers of information specified arsenic codification scramblers to guarantee that your backstage keys and phrases are ne'er stolen from you. The codes are shown connected the surface of the hardware wallet, alternatively than connected the surface of your computer, truthful an onlooker volition ne'er beryllium capable to decipher your combinations. If you were to entree a malicious tract utilizing a hardware wallet, the worst that a hijacker could bash is redirect an outgoing transaction to his ain wallet. This would beryllium unfortunate, yes, but it’s a batch amended than having your full equilibrium drained.
Two hardware wallets that we highly urge are the TREZOR and Ledger Nano S. They are robust and reliable hardware wallets that person not failed america yet. They let for casual absorption and retention of Ethereum and galore different coins including Bitcoin, Bitcoin Cash, DASH, ZCASH and much (Yes, you tin store your ERC20s connected them too)!
In short, MyEtherWallet is inactive harmless to usage and volition stay 1 of the astir fashionable ETH absorption platforms, but it’s important for users to recognize the risks of inputting their backstage keys oregon passwords into immoderate centralized website. Hackers are getting craftier each day, and determination is ever the anticipation that they volition larn to exploit adjacent the astir trusted sites specified arsenic MyEtherWallet. To person bid of caput that your keys volition stay safe, bargain yourself a hardware wallet and ditch the keystore files.