Technology 2 min read

MEWKit Targets Ethereum Wallets in Cryptocurrency Phishing Attack

The latest phishing attack doesn't involve email credentials or social media, but cryptocurrency. Learn about what MEWKit is, how the digital threat firm RiskIQ identified it, and how to protect yourself.

MEWkit, the latest group adapting phishing strategies. | MicroOne | Shutterstock.com

MEWkit, the latest group adapting phishing strategies. | MicroOne | Shutterstock.com

This article details breaking news of MEWKit as reported by RiskIQ.

In theory, cryptocurrency users enjoy safer financial transactions than traditional banking options. However, the visibility of crypto-hacks and ransomware attacks that demand cryptocurrency over the last year have called this theory into question.

What’s more, digital threat management firm RiskIQ recently identified a new group of bad actors targeting Ethereum wallets with phishing schemes.

What is MEWKit, how does it work, and how can you protect yourself?

Ethereum coins | ethereumprice.org

What it is and how it Works

RiskIQ released a press release May 17th, 2018 at 6 AM Eastern Time detailing the attack. The phishing scam imitates MyEtherWallet’s front-end interface in order to steal credentials.

MEWKit then activates an “automated transfer system” in order to process details attained on the fake page for fund transfers. It works by injecting scripts into your active sessions, transferring ETH amounts shortly after you log in.

Researchers say that hackers prefer MyEtherWallet due to its ease of access and simplicity.

After infection and decryption, the group drains the account, but all MEWKit activity remains hidden. Threat Researcher Yonathan Klijnsma from RiskIQ elaborated on why the MEWKit attack should alarm people.

“This attack demonstrates how actors are changing their tactics to target the unique vulnerabilities of cryptocurrency’s surrounding services and implementations…”

Phishing graphic | realbusiness.co.uk

Not Much on the Protection Front yet

Researchers don’t yet know how MyEtherWallet users can best defend themselves. They also don’t yet know which criminal group initiated the MEWKit attacks.

But they advise MyEtherWallet users to be mindful of which URLs they use. Either use “…a bookmarked page for MyEtherWallet or type in the username yourself…”

You can access the full report on RiskIQ’s website after entering some information.

What is your advice for people wishing to avoid MEWKit’s phishing attack?

Found this article interesting?

Let Juliet Childers know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.


Profile Image

Juliet Childers

Content Specialist and EDGY OG with a (mostly) healthy obsession with video games. She covers Industry buzz including VR/AR, content marketing, cybersecurity, AI, and many more.

Comments (0)
Most Recent most recent
You
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.