Case Study: MyEtherWallet protects users from domain hijacking with Cloudflare DNSSEC

MEW (MyEtherWallet) Works With Cloudflare to Keep Users Safe

MyEtherWallet (MEW) is a popular free, open‑source tool that lets users manage their own blockchain transactions without MEW ever holding passwords, private keys, or funds. In early 2018 attackers exploited weaknesses in Internet routing and DNS to redirect users to an identical imposter site that stole private keys, damaging MEW’s reputation and exposing the broader vulnerability of legacy DNS/BGP infrastructure.

MEW partnered with Cloudflare to harden its domain against such hijacks by enabling DNSSEC and taking advantage of Cloudflare’s DNS, registrar support, and performance features. The move made DNS record validation straightforward (one‑click for Cloudflare customers with a supported registrar) and prevented domain‑level hijacking, restoring user trust and protecting MEW’s site from the kind of routing/DNS attacks that had previously targeted it.

MyEtherWallet

Kosala Hemachandra

Founder and CEO