[WARNING]: MEGA Chrome Extension is Compromised: Remove the Extension NOW
If you use the official MEGA Chrome extension, then you need to stop using that extension immediately. The extension is stealing login usernames and passwords for crypto-related accounts.
The issue was spotted by /u/SamsungGalaxyPlayer, who posted the news on /r/cryptocurrency earlier today. However, major crypto companies have also been tweeting about the issue since news broke earlier today.
“If you use the official MEGA Chrome extension, please stop using it immediately. It includes functionality to collect login usernames and passwords for many common websites.”
MEGA is a popular cloud backup extension that allows users to get 50 GB of free storage space. Earlier today, an update was pushed to Chrome users. This update contains malware that will steal account information – including your social media accounts and crypto accounts.
Some of the websites affected by the attack include:
- Microsoft Live / OneDrive
If you use the extension in Chrome, and you’ve logged into the above services recently, then you need to remove the extension immediately and change your passwords.
The MEGA Chrome extension sends your data to a server at hxxxs://www.megaopac dot host/
The issue specifically affects version 3.39.4 of the MEGA Chrome extension. This issue is limited to Chrome and the Firefox version of the extension has not been compromised.
If you believe your account information has been compromised, then consider doing more than just changing your passwords. Move funds from any compromised accounts.
Better yet, if you’re accessing sensitive information on the internet, then consider avoiding any Chrome extension that requires permission to read browsing data. When you give an extension permission to read browsing data, you’re effectively giving away everything you do online. Extensions with this permission even have the ability to record keystrokes along with your browsing history. Even if you trust the company that developed the extension, the extension can always be compromised – say, by a rogue employee or someone with access to the extension’s listing.
As of 4pm EST, the MEGA Chrome extension has been removed from the Google Chrome webstore.