Skip to main content
  1. Home
  2. Computing
  3. Web
  4. News

Hackers hijacked traffic through Amazon servers for two hours, undetected

Add as a preferred source on Google

The event, which only lasted about two hours on Tuesday, April 24, saw traffic to Amazon’s cloud web hosting servers redirected to malicious websites. Not all of the traffic, just a small slice of it, about 1,300 IP addresses, according to Oracle. The attack saw traffic to MyEtherWallet redirected a malicious version of itself, where the attackers could siphon cryptocurrency off of users who thought they were logging into their cryptocurrency wallets.

One such site, MyEtherWallet, was cloned by attackers but likely didn’t result in the kind of massive theft we’re used to seeing when cryptocurrency wallets or exchanges are attacked. According to Ars Technica, the cryptocurrency wallet into which the fake MyEtherWallet site was dumping its cryptocurrency already had about $27 million worth of cryptocurrency in it.

Recommended Videos

Details like this have led some to believe the attack could have been state-sponsored, potentially with ties to Russia.

“So far the only known website to have traffic redirected was to MyEtherWallet.com, a cryptocurrency website. This traffic was redirected to a server hosted in Russia, which served the website using a fake certificate — they also stole the cryptocoins of customers,” wrote security researcher Kevin Beaumont. “The attacks only gained a relatively small amount of currency from MyEtherWallet.com — however their wallets in total already contained over [20 million pounds] of currency. Whoever the attackers were are not poor.”

It may not have been the first time these hackers have staged such an attack either, according to Ars. There were a couple suspiciously similar attacks in 2013 when hackers hijacked internet traffic to a number of U.S. companies, routing the traffic through Russian ISPs. Affected companies included Visa, MasterCard, Apple, and Symantec. Eight months later, another set of U.S. companies saw their traffic hijacked with the same kind of exploit.

These 2013 attacks used the same “border gateway protocol” exploit as today’s attack. Beaumont elaborated that today’s attack requires access to sophisticated equipment, which leads him to believe MyEtherWallet was not likely the only target — just the one we happened to notice.

“Mounting an attack of this scale requires access to BGP routers are major ISPs and real computing resource to deal with so much DNS traffic. It seems unlikely MyEtherWallet.com was the only target, when they had such levels of access,” Beaumont wrote. “Additionally, the attackers failed to obtain an SSL certificate while man-in-the-middle attacking the traffic — a very easy process — which alerted people to the issue at scale.”

Jaina Grey
Former Digital Trends Contributor
Jaina Grey is a Seattle-based journalist with over a decade of experience covering technology, coffee, gaming, and AI. Her…
AI image generators have escaped nightmare fingers and entered the fake premium era
Meta Muse, Gemini, and ChatGPT can now make clean, usable images. They also keep making reality look like a product render with feelings.
Terminal, Railway, Train

I expected this comparison to be uglier. Meta Muse, Gemini Nano Banana 2, and ChatGPT Images 2.0 sounded like a perfect setup for plastic faces, mangled hands, fake products, and posters written in haunted alphabet soup. Instead, they were mostly competent, which somehow made the whole thing more suspicious.

These aren’t identical tools wearing different logos. Meta pitches Muse Image as a social image model living inside Meta AI and its apps. Google frames Nano Banana 2 around speed, editing, and Gemini’s broader knowledge. OpenAI sells ChatGPT Images 2.0 on text rendering, visual control, and stronger prompt handling. Different ambitions, same polished little showroom.

Read more
DuckDuckGo’s browser now blocks the YouTube ads everyone hates
DuckDuckGo adds a Brave-like YouTube ad blocking feature
Text, Aircraft, Airplane

DuckDuckGo has spent the past few months gaining fresh attention as more users look for alternatives to Google’s increasingly AI-heavy Search experience. Now, the privacy-focused company is adding a feature that could make its browser even more tempting for everyday use. DuckDuckGo says its browser can now block most video ads, including those on YouTube, when a video is playing inside the browser.

What’s happening?

Read more
ChatGPT Live could make talking to AI feel straight out of the movies
We might finally get the AI sidekick sci-fi movies promised
Elderly women using ChatGPT live on a smartphone

AI voice assistants have been chasing the sci-fi dream for years, but they still have a hard time holding a conversation with humans. Most voice systems still need clear turns, clean pauses, and a few seconds before they respond. OpenAI is now rolling out GPT-Live, a new voice model for ChatGPT Voice that is designed to make those exchanges feel faster and less scripted.

The main upgrade is what OpenAI calls a full-duplex architecture. In simpler terms, GPT-Live can listen and speak at the same time. It continuously processes what the user is saying while also generating its own response, allowing it to decide when to talk, when to pause, when to keep listening, and when to use a tool.

Read more