tarting from 07:17 this morning, 179 inbound transactions totaling 216.06 ETH were sent to ETH address 0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29. At 10:15, the attacker sent 215 ETH to 0x68ca85dbf8eba69fb70ecdb78e0895f7cd94da83.
One MEW user on Reddit explained how they lost 0.9 ETH when their connection was intercepted as they logged in:
Woke up today, Put my computer on, went on to myetherwallet and saw that myetherwallet had a invalid connection certificate in the corner. I thought this was odd. https://i.imgur.com/2x9d7bR.png . So I double checked the url address, triple checked it, went on google, got the url . Used EAL to confirm it wasn't a phishing site. And even though every part of my body told me not to try and log in, I did. As soon as I logged in, there was a countdown for about 10 seconds and A tx was made sending the available money I had on the wallet to another wallet, "0x1d50588C0aa11959A5c28831ce3DC5F1D3120d29."