MyEtherWallet has been hacked through a DNS hijack which transfers users to a phishing site that has already stolen 215 eth, currently worth around $150,000.
Those who used myetherwallet.com through Google Public DNS (8.8.8.8 / 8.8.4.4) had their DNS servers resolving the domain to a bad server that could steal private keys as shown by this invalid certificate:
DO NOT USE #myetherwallet(dot)com
currently through Google Public DNS (8.8.8.8 / 8.8.4.4)
If you used MetaMask or any hardwallet like Ledger or Trezor you should be safe
t appears the Google Public DNS is now resolving the correct ips with the SSL Connection showing green. However, it is not yet clear what exactly happened here, nor whether the matter has been fully resolved. We’ll re-print the just shared advice from Michael of Mycrypto with all his emphasis:
on etherscan.io to see if you’ve been victimized by this hack yet.
Transfer your funds off into a new wallet even if you haven’t been victimized yet. DO NOT GO TO THE SITE TO DO THIS
here: https://myetherwallet.github.io/knowledge-base/offline/running-myetherwallet-locally.html
DO NOT GO TO THE MEW WEBSITE UNTIL THE ISSUE HAS BEEN CONFIRMED TO BE FIXED BY MEW TEAM. CURIOSITY WILL KILL YOU, CAT.”
Just how resourced MEW is, therefore, and by association just how secure, is unclear after almost everyone left.
However, as stated it is unclear what exactly happened here or who/what is to blame for the theft besides of course the perpetrator.