Technology 2 min read

MEWKit Targets Ethereum Wallets in Cryptocurrency Phishing Attack

MEWkit, the latest group adapting phishing strategies. | MicroOne |

MEWkit, the latest group adapting phishing strategies. | MicroOne |

This article details breaking news of MEWKit as reported by RiskIQ.

In theory, cryptocurrency users enjoy safer financial transactions than traditional banking options. However, the visibility of crypto-hacks and ransomware attacks that demand cryptocurrency over the last year have called this theory into question.

What’s more, digital threat management firm RiskIQ recently identified a new group of bad actors targeting Ethereum wallets with phishing schemes.

What is MEWKit, how does it work, and how can you protect yourself?

image of ethereum coins for article MEWKit Targets Ethereum Wallets in Cryptocurrency Phishing Attack
Ethereum coins |

What it is and how it Works

RiskIQ released a press release May 17th, 2018 at 6 AM Eastern Time detailing the attack. The phishing scam imitates MyEtherWallet’s front-end interface in order to steal credentials.

MEWKit then activates an “automated transfer system” in order to process details attained on the fake page for fund transfers. It works by injecting scripts into your active sessions, transferring ETH amounts shortly after you log in.

Researchers say that hackers prefer MyEtherWallet due to its ease of access and simplicity.

After infection and decryption, the group drains the account, but all MEWKit activity remains hidden. Threat Researcher Yonathan Klijnsma from RiskIQ elaborated on why the MEWKit attack should alarm people.

“This attack demonstrates how actors are changing their tactics to target the unique vulnerabilities of cryptocurrency’s surrounding services and implementations…”

Not Much on the Protection Front yet

Researchers don’t yet know how MyEtherWallet users can best defend themselves. They also don’t yet know which criminal group initiated the MEWKit attacks.

But they advise MyEtherWallet users to be mindful of which URLs they use. Either use “…a bookmarked page for MyEtherWallet or type in the username yourself…”

You can access the full report on RiskIQ’s website after entering some information.

What is your advice for people wishing to avoid MEWKit’s phishing attack?

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Juliet Childers know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.

Profile Image

Juliet Childers

Content Specialist and EDGY OG with a (mostly) healthy obsession with video games. She covers Industry buzz including VR/AR, content marketing, cybersecurity, AI, and many more.

Comments (0)
Most Recent most recent
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.