MyEtherWallet Confirmed Hack via DNS Loophole
The attackers don’t seem to have compromised MyEtherWallet itself. Instead, they attacked the infrastructure of the internet, intercepting DNS requests formyetherwallet.comto make the Russian server seem like the rightful owner of the address. Most of the affected users were employing Google’s 126.96.36.199 DNS service.
However, because Google’s service isrecursive, the bad listing was likely obtained through Amazon’s “Route 66” system.