//The MEGA Chrome extension has been compromised and includes functionality to steal your cryptocurrency

The MEGA Chrome extension has been compromised and includes functionality to steal your cryptocurrency

STORY DEVELOPING – UPDATES TO COMEIf you use the official MEGA Chrome extension, please stop using it immediately. It includes functionality to collect login usernames and passwords for many common websites, including but not limited to:GoogleFacebookMyEtherWalletMyMoneroGitHubMicrosoft Live/OneDriveAll data is being sent to hxxxs://www.megaopac dot host/Impacts version: 3.39.4Only the Chrome version is impacted. The Firefox version is safe.Remediation: uninstall immediately, change important passwords, transfer funds from possible compromised accountsThe MEGA Chrome extension source code has not been updates in four months, suggesting that the account responsible with updating the version given to Google was compromised.More information:https://np.reddit.com/r/Monero/comments/9cx7cc/dont_use_mega_chrome_extension_version_3394/https://twitter.com/serhack_/status/1037026672787304450https://twitter.com/myetherwallet/status/1037047371564122112https://twitter.com/MyCrypto/status/1037028933214978049https://twitter.com/monero/status/1037028428476760064https://twitter.com/fluffypony/status/1037050405124014086https://twitter.com/find_evil/status/1037037637842944002https://twitter.com/exodus_io/status/1037039173868445697https://twitter.com/W0wn3r0/status/1037041429531377664 (lol)

STORY DEVELOPING – UPDATES TO COME


If you use the official MEGA Chrome extension, please stop using it immediately. It includes functionality to collect login usernames and passwords for many common websites, including but not limited to:

  • Google

  • Facebook

  • MyEtherWallet

  • MyMonero

  • GitHub

  • Microsoft Live/OneDrive

All data is being sent to hxxxs://www.megaopac dot host/

Impacts version: 3.39.4

Only the Chrome version is impacted. The Firefox version is safe.

Remediation: uninstall immediately, change important passwords, transfer funds from possible compromised accounts

The MEGA Chrome extension source code has not been updates in four months, suggesting that the account responsible with updating the version given to Google was compromised.


More information:

https://np.reddit.com/r/Monero/comments/9cx7cc/dont_use_mega_chrome_extension_version_3394/

https://twitter.com/serhack_/status/1037026672787304450

https://twitter.com/myetherwallet/status/1037047371564122112

https://twitter.com/MyCrypto/status/1037028933214978049

https://twitter.com/monero/status/1037028428476760064

https://twitter.com/fluffypony/status/1037050405124014086

https://twitter.com/find_evil/status/1037037637842944002

https://twitter.com/exodus_io/status/1037039173868445697

https://twitter.com/W0wn3r0/status/1037041429531377664 (lol)