ISPs tend to restrict what an end customer can advertise. However, any ISP do not filter customer advertisements.
A possible factor let’s hacker compromise the customer router thus advertise errant information into the global routing table.
An attackers stolen at least $13,000 in Ethereum within two hours.
Security expert speculate that it is a DNS attack. But many attack method can be used. For example: BGP hijacking. The scenario displayed on above diagram.
Headline news shown as below:
https://www.theverge.com/2018/4/24/17275982/myetherwallet-hack-bgp-dns-hijacking-stolen-ethereum