MyEtherWallet (MEW) experienced another serious security breach when a VPN service was compromised for five hours.
Hola, a free VPN service with approximately 50 million users, was compromised by a hack attempting to steal cryptocurrency from MEW users. Although the regular users of MEW were not affected, MEW users utilizing Hola during the five hour span could be in danger of losing their assets. Thus, MEW has urged those with Hola chrome extensions who have used MEW in the last 24 hours to transfer their funds to a different location.
We received a report that suggest Hola chrome extension was hacked for approximately 5 hrs and the attack was logging your activity on MEW.— MyEtherWallet.com (@myetherwallet) July 10, 2018
MEW is one of the most popular services for managing Ethereum-based cryptocurrencies, allowing users to access wallets to send and receive tokens. Despite its convenience, the nature of the service perhaps leaves too much room for potential hacks, as this is the second time this year that MEW has been threatened via third-party players.
Back in February, there was a Domain Name System (DNS) attack that robbed people of $365,000 in digital funds. These attacks are a reminder that cold hardware wallets, such as Trezor or Ledger, are much safer options than the hot wallets.