WARNING: Latest Update To MEGA Chrome Extension Is A Phishing Attempt
Hello friends... Today I am going to Warn evry1 regarding the latest update to Mega Chrome Extension.
Any user with this extension should immediately delete it, and decline when it asks permissions to read data on all websites.
Today, September 4, 2018, the MEGA cloud storage extension for Chrome was breached as an update shows malicious code added to the extension’s manifest.json and content.js allows the program to steal information from users including private keys to cryptocurrency wallets as well as username and password data from Amazon, GitHub, Google, and Microsoft accounts.
This isn’t the first time the Chrome Store has played host to a phishing extension focused on private keys; earlier this year a malicious version of MetaMask was briefly uploaded to the Chrome store after the real MetaMask add-on was erroneously removed from the store.
It is unclear whether the changes to the MEGA extension are the result of a hack of the team’s Google Webstore account, or whether there was another type of security issue. The last commit to the team’s GitHub was made 4 months ago, and the update that went out today isn’t among those items.
MEGA has yet to respond regarding the breached extension.
Apparently, an update to the MEGA extension prompts the add-on to ask users for permission to read data on all websites. This red flag caused some users to criticize or uninstall the add-on:
Reports of the MEGA extension breach began to spread across social media after Reddit user gattacus spotted the malicious changes to the formerly benign extension’s code. In greater detail, Monero developer SerHack tweeted warnings to the global community to remove the applications, after a review of the code revealed cryptocurrency wallets affected include Reports of the MEGA extension breach began to spread across social media after Reddit user gattacus spotted the malicious changes to the formerly benign extension’s code. In greater detail, Monero developer SerHack tweeted warnings to the global community to remove the applications, after a review of the code revealed cryptocurrency wallets affected include MyMonero, MyEtherWallet, and Aurora.
Analysis of the code reveals that the data being skimmed by the malicious extension is being forwarded to h[xx]ps://www.megaopac[dot]host/. MetaCert has classified this resource, as well as the link to the MEGA Chrome extension have been classified as malicious. Once again, if you have this extension on your computer uninstall it immediately.
As this case is ongoing, when more details become clear I will update the report.
MetaCert Protocol is decentralizing cybersecurity for the Internet, by defining ownership and URL classification information about domain names, applications, bots, crypto wallet addresses, social media accounts and APIs. The Protocol’s registry can be used by ISPs, routers, Wi-Fi hotspots, crypto wallets and exchanges, mobile devices, browsers and apps, to help address cyber threats such as phishing, malware, brand protection, child safety and news credibility. Think of MetaCert Protocol as the modern version of the outdated browser padlock and whois database combined.
Find out more about the MetaCert Protocol, ask questions, and leave suggestions on both our White Paper and Technical Paper. You can also join our Telegram community to stay up to date on our blockchain project. Remember to install Cryptonite to protect yourself from phishing scams before it’s too late.
If you like my post upvote comment follow and resteem👍👍