MEGA Chrome Compromised: Targets Monero Users
Security has been one of these major concerns within the cryptocurrency space. Over the last few years, there have been several high-profile hacks, and it is alarming to imagine the possibility of waking up one morning to an empty wallet, because your wallet has been hacked. MEGA’s Chrome extension (latest version 3.39.4) has become the recent victim of a possible hack. The extension has been compromised and users Monero can now be stolen in addition to other vital information.
According to Monero’s recent post on its social media handles on Twitter and Reddit, XMR holders are advised to steer clear of MEGA:
MEGA is a company that offers cloud storage and file hosting services. The company posted an announcement with details:
“On 4 September 2018 at 14:30 UTC, an unknown attacker uploaded a trojan version of MEGA’s Chrome extension, version 3.39.4, to the Google Chrome website. Upon installation or auto update, it would ask for elevated permissions (read and change all your data on the websites you visit) that MEGA’s real extension does not require and would (if permissions were granted) exfiltrate credentials for sites including amazon.com, live.com, github.com, google.com (for website login), myetherwallet.com, mymonero.com, idex.market and HTTP POST requests to other sites, to a server located in Ukraine. Note that mega.NZ credentials were not being exfiltrated.”
Redditor u/gattacus, raised an alarm of a possible foul play following a request for new permission due to an update in extension name.
Google removed the MEGA extension from the Chrome webstore five hours after the breach.
As of the time of this report, the MEGA Chrome extension was still unavailable for download on the Chrome Webstore. Clicking the link of the extension will return a 404 error.
Earlier in February, researchers from China’s 360Netlab reported the presence of a malware called ‘ADB. Miner’, which makes use of user’s phone hardware power to mine Monero.
In September last year, a report was released that a group of Russian hackers had installed crypto mining malware on 9,000 computers over the course of two years. Hackers primarily mined XMR and Zcash (ZEC), amongst other cryptocurrencies. Over $200,000 is estimated to have been stolen in Monero.