EtherDelta hacked, notifies users but not host
EtherDelta has just made it official on their twitter and reddit accounts that there was a hack that involved forwarding users to a fake website. The motive of the hack is to let users log-in using their ethereum account and steal their funds. So we urge the Etherdelta traders not to visit the website until the issue is resolved. You can follow EtherDelta’s twitter account for staying updated or this article that will be updated once the site is safe again.
According to a screenshot leaked on their reddit page, EtherDelta never contacted the host about their compromised website. This looks pretty bad from a security and user protection standpoint. Now, the EtherDelta has already been moved to a new host but since there is no official tweet about this to the users, do not visit the website.
EtherDelta didn’t contact the host of the scam website to ask that provider to shut it down. EtherDelta didn’t change hosting by choice. They had their domain hijacked and the hackers changed the DNS to their own host. It isn’t a matter of EtherDelta changing their hosting. Don’t visit the EtherDelta website until they safely have the domain back under their control. The DNS still points to some shady web hosting company.
As long as you do not visit the fake website it shouldn’t be possible to gain access to your keys or any of your funds in the smart contract.
Update – EtherDelta says that the site is now functioning normal.