MEGA Google Chrome extension was hacked to steal virtual currency

by ·

The extension of the well-known foreign network disk MEGA in Google Chrome was attacked by hackers and replaced with a version carrying malicious scripts.

The MEGA Google Chrome extension was initially designed to make it easy for users to upload files, but hackers seem to have successfully stolen the developer’s Google account by unknown means.

After stealing the account, the hacker is replaced with a malicious version of the extension submitted to the Google Chrome store. After the problem is discovered, Google has quickly expanded.

 

Used to steal virtual currency:

The hackers who attacked MEGA mainly want to take virtual currency. When the user installs the malicious version, the account password entered on each website is recorded.

In particular, Monroe and Ethereum online wallet addresses will be monitored in real time. If a user enters an account password during this period, it will be directly stolen.

These records will be sent to the Ukrainian server controlled by the hacker, and Microsoft and Amazon accounts will be sent in addition to the virtual currency.

MEGA acknowledges that the account was compromised:

It is worth noting that the original researchers found that the extension was abnormal, and then immediately attracted the attention of other security people after posting to Twitter.

After analysis, only the MEGA extension of Google Chrome has been tampered with, and the Firefox browser’s MEGA extension has not changed.

The MEGA official currently acknowledges the incident and claims that the company’s developer account has been compromised. It is not known whether the password will be leaked in other ways or fishing.

What should the user do:

If you are a MEGA extension user and happen to use a virtual currency online wallet, don’t hesitate to change all account passwords to prevent theft.

There are currently no users reporting the theft of virtual currency, but replacing all passwords based on security considerations is the only way to strengthen defences now.

Via: bleepingcomputer

Tags: