EtherDelta funds stolen
Over the last few days there have been several reported incidents of funds being drained from wallets used in EtherDelta.
What happened?
One or more individuals are posting malicious links. These can come disguised as ANY link.
Instead of taking you to the link's location, it will redirect you to EtherDelta. The link also has a javascript embedded, which then reads out your private key from EtherDelta, if you should be logged in or have the data stored in your browser. The hacker has then full access over all funds on this public key and usually withdraws them within seconds.
How can I protect myself?
- try to avoid links from sources you don't trust
- use EtherDelta in incognito mode and log out after every session
- don't use your actual wallet on ED, but create a new one, send money there and withdraw it to your main account after you finished trading
- avoid EtherDelta until the exploit is fully fixed
Has anyone here been affected by this? Di you have any more tips to avoid getting funds stolen?
Stay safe everyone!
Subscribe to my blog for heads-ups on upcoming ICOs, trading tips, crypto news and guides!
Below button works as a link to my profile, make sure to follow if you like my stuff! Thank you!
I use uBlock Origin and uMatrix to block 3-rd party scripts and frames. uMatrix also block reading cookies by 3rd party sites. Both tools makes internet browsing much safer.
There is also a Containers add-on for Firefox that works similar to Incognito mode, but allows to use a separate cookie container in different tabs instead of new private window.
Thanks, haven't heard of them tools but I will look into them as I think I definitely could do with stepping up my surfing OpSec. I used to use noscript for a while but it doesn't really make surfing a pleasant experience. Also EtherDelta won't run with Javascript disabled... still could have saved some of the people who were affected
Very good info on Security. When you own Crypto Coins you are your own bank. Take steps to secure your investments. Thank you for getting the word out on this issue @schwmm Upvoted:Resteemed:Following.
Thank you, checking your stuff out now, too.
I am usually very careful with what I do online but I thought this exploit was specifically scary. Clicking a link to an apparently harmless site while being logged in from an earlier session is all it needs!
Yep. I believe others are a little safer because of your post :)
Loads of information. Many thanks. Love it. @schwmm Followed