The MEGA Chrome Extension Has Been Compromised

The MEGA Chrome Extension Has Been Compromised

The MEGA google chrome extension has been hacked and can now be used to steal Monero in addition to other sensitive information belonging to users as per recent updates on Twitter and Reddit. The official account of Monero tweeted warning users about this compromise and advising Monero holders to stay away from MEGA. The tweet was as follows,

PSA: The official MEGA extension has been compromised and now includes functionality to steal your Monero: …

@serhack_ responded to this,



Version: 3.39.4

It catches your username and password from Amazon, GitHub, Google, Microsoft portals!! It could catch #mega #extension #hacked@x0rz

So what is the MEGA extension? It is a tool that claims to improve browser performance by reducing page loading times and also provides a secure cloud storage service. A Reddit user posted on Monero’s official Reddit page that they were suspicious of some activity happening in relation to MEGA. They wrote,

There was an update to the extension and Chrome asked for new permission (read data on all websites). That made me suspicious and I checked the extension code locally (which is mostly javascript anyways). MEGA also has the source code of the extension on github […] There was no commit recently. To me it looks either their Google Webstore account was hacked or someone inside MEGA did this. Pure speculation though.

At the time of writing, the MEGA chrome extension is no longer available for download on Google chrome. When clicked on it, it shows a 404 error.

Monero, which has often been branded as a private and untraceable cryptocurrency, has been the target for illicit and illegal trading activities in the cryptocurrency space.

According to Reddit forum information, this hack is capable of stealing information from websites such as Google, Facebook, MyEtherWallet, MyMonero, Github, Microsoft Live/OneDrive and more. Furthermore, so far, only the chrome version has been affected by the attack and the firefox version is safe to use. Regardless, it would be better for users to be cautious as the Firefox version may be the next target.

In case you or someone you know uses MEGA or has been affected by this, uninstall the extension, change all major and important passwords and transfer funds from possibly compromised accounts.

@PWPersian commented on reddit,

Wow this is huge, I do not personally use MEGA, however, I am always afraid of extensions going rouge as I check up on updates the least often for them, sending this to everyone I know to make sure they know to change passwords etc.

@_electrik commented on reddit,

Surprisingly not shocking…. after all they have all kind of malware inside the source code and those are irrefutable facts. Only way to go stop using their services and pass the message to all you know to do the same. Use secure encrypted mails, use VPN, lawsuits against them… etc etc etc.

@shokeruh commented on reddit,

Use a different chrome identity for crypto related Stuffs, one with ZERO extensions. You don’t need an adblock/etc when you login on your exchange/etc.

@moorsh also made a similar comment,

This is why you should be using a browser or at least an independent Chrome profile without any plugins, saved passwords, same email, etc. when logging into your crypto/exchange accounts.

Read Also:MetaMask Goes Missing From Chrome and Then Returns

Follow us on Telegram, and Twitter. Subscribe to our newsletter!

Please follow and like us:

Leave a Response

Pallavi Janiani

Pallavi Janiani

Content Writer
I am studying Business and psychology at the university of Minnesota. Apart from learning about how the economy and the human mind works, I spend my time dancing with my bollywood fusion team, reading, writing, traveling, usually with a cup of coffee in my hand.