The MEGA Chrome Extension Has Been Compromised
The MEGA Google Chrome extension has been hacked and can now be used to steal Monero, in addition to other sensitive information belonging to users, according to recent updates on Twitter and Reddit. The official Monero account tweeted a warning about the compromise, advising Monero holders to stay away from MEGA. The tweet was as follows,
PSA: The official MEGA extension has been compromised and now includes functionality to steal your Monero: https://www.reddit.com/r/Monero/comments/9cx7cc/dont_use_mega_chrome_extension_version_3394/ …
@serhack_ responded to this,
!!! WARNING !!!!!!! PLEASE PAY ATTENTION!!
LATEST VERSION OF MEGA CHROME EXTENSION WAS HACKED.
So what is the MEGA extension? It is a tool that claims to improve browser performance by reducing page loading times and also provides a secure cloud storage service. A Reddit user posted on Monero’s official Reddit page that they were suspicious of some activity happening in relation to MEGA. They wrote,
At the time of writing, the MEGA Chrome extension is no longer available for download on Google Chrome. Clicking on it shows a 404 error.
Monero, which has often been branded as a private and untraceable cryptocurrency, has been a target of illicit and illegal trading activities in the cryptocurrency space.
According to information on the Reddit forum, this hack is capable of stealing information from websites such as Google, Facebook, MyEtherWallet, MyMonero, GitHub, Microsoft Live/OneDrive and more. So far, only the Chrome version has been affected by the attack and the Firefox version is safe to use. Regardless, it would be better for users to be cautious, as the Firefox version may be the next target.
In case you or someone you know uses MEGA or has been affected by this, uninstall the extension, change all major and important passwords and transfer funds from possibly compromised accounts.
@PWPersian commented on Reddit,
Wow this is huge, I do not personally use MEGA, however, I am always afraid of extensions going rogue as I check up on updates the least often for them, sending this to everyone I know to make sure they know to change passwords etc.
@_electrik commented on Reddit,
Surprisingly not shocking…. after all they have all kinds of malware inside the source code and those are irrefutable facts. Only way to go stop using their services and pass the message to all you know to do the same. Use secure encrypted mails, use VPN, lawsuits against them… etc etc etc.
@shokeruh commented on Reddit,
Use a different Chrome identity for crypto-related stuff, one with ZERO extensions. You don’t need an adblock/etc. when you log in on your exchange/etc.
@moorsh also made a similar comment,
This is why you should be using a browser or at least an independent Chrome profile without any plugins, saved passwords, same email, etc. when logging into your crypto/exchange accounts.
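As an added example (not from the article or the quoted commenters), this Python script lists the extensions installed in each Chrome profile, so you can confirm that the MEGA extension is gone and that the profile used for wallets and exchanges has none. It assumes Chrome's on-disk layout `<profile>/Extensions/<extension id>/<version>/manifest.json`; the function names and the sample directory tree are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

def audit_profiles(user_data_dir):
    """Return {profile name: [installed extensions]} for a Chrome user-data dir."""
    report = {}
    for profile in sorted(Path(user_data_dir).iterdir()):
        # Treat a directory as a profile only if it holds a Preferences file.
        if not (profile / "Preferences").is_file():
            continue
        found = []
        for manifest in sorted(profile.glob("Extensions/*/*/manifest.json")):
            try:
                data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            except (OSError, ValueError):
                data = {}  # unreadable manifest: still report the directory
            found.append({
                "id": manifest.parent.parent.name,
                # Localised extensions show a "__MSG_...__" placeholder here.
                "name": data.get("name", "?"),
                "version": data.get("version", manifest.parent.name),
            })
        report[profile.name] = found
    return report

def extension_free(report):
    """Profiles with no extensions: candidates for wallet/exchange logins."""
    return [name for name, exts in report.items() if not exts]

def matches(report, name_fragment):
    """(profile, id, version) for extensions whose name contains the fragment."""
    frag = name_fragment.lower()
    return [(p, e["id"], e["version"]) for p, exts in report.items()
            for e in exts if frag in e["name"].lower()]

def build_sample(root):
    """Constructed sample tree: 'Default' has one extension, 'Profile 1' none."""
    ext = Path(root) / "Default" / "Extensions" / ("a" * 32) / "1.0.0_0"
    ext.mkdir(parents=True)
    (ext / "manifest.json").write_text('{"name": "Sample Extension", "version": "1.0.0"}')
    (Path(root) / "Profile 1").mkdir()
    for prof in ("Default", "Profile 1"):
        (Path(root) / prof / "Preferences").write_text("{}")
    return root

if __name__ == "__main__":
    report = audit_profiles(build_sample(tempfile.mkdtemp()))
    print(report, extension_free(report), matches(report, "sample"))
```

To run it against a real installation, pass `audit_profiles` your Chrome user-data directory (the parent of the "Profile Path" shown on `chrome://version`) and call `matches(report, "mega")`. Matching on the manifest name is a heuristic, so check any unrecognised extension IDs by hand.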