Kevin Beaumont reports that, by compromising a router at Equinix in Chicago, attackers were able to forge DNS responses for myetherwallet.com, with users "redirected to a server hosted in Russia, which served the website using a fake certificate." Victims' online wallets were drained of cryptocurrency.
Also at The Verge and Ars Technica which said
Amazon lost control of a small number of its cloud services IP addresses for two hours on [April 24] when hackers exploited a known Internet-protocol weakness that let them to redirect traffic to rogue destinations. By subverting Amazon's domain-resolution service, the attackers masqueraded as cryptocurrency website MyEtherWallet.com and stole about $150,000 in digital coins from unwitting end users. They may have targeted other Amazon customers as well.
(Score: 2, Informative) by Anonymous Coward on Monday April 30 2018, @01:17PM (1 child)
> The true message here is: Certificates don't give you the security you might think they do (well, I guess to most users of this site, that's not really news).
The The Verge article says:
(Score: 2) by JoeMerchant on Monday April 30 2018, @06:30PM
Wetware failure then. C'mon folks, when you need to turn off the auto-click when opening valuable account webpages.
🌻🌻 [google.com]