Popular cryptocurrency wallet service MyEtherWallet urged some of its users to move their funds to a new wallet address, after reports that a hacker group may have compromised a virtual private network (VPN) browser extension for Google Chrome.
In two tweets posted on July 9, MyEtherWallet (MEW) claimed that the Hola VPN chrome extension “was hacked for approximately 5 hours, and the attack was logging your activity on MEW.” The wallet service then urged users that had installed the Hola chrome extension and used MEW within the last 24 hours to “please transfer your funds immediately to a brand new account!”
This is the second major security breach to have hit MyEtherWallet in under three months. MyEtherWallet confirmed that some of its DNS servers were “hijacked” by unknown parties in April, potentially redirecting some users to a website that phished for users’ private keys. The hacker was able to steal around 215 ETH, which was worth about $150,000 at the time.