You can now find Cyber Kendra on Google News | Telegram

Official Mega Chrome Extension Steals Users Logins and Crypto Wallet Private Keys

Chrome extension oc caught stealing passwords, cryptocurrency private keys
If you are using Chrome extension then, immediately remove it and also change all your online account passwords.
An Italian developer and contributor to the Monero Project, who goes online with alias- SherHack, have found that Chrome extension version 3.39.4, had a malicious code behavior.

SherHack points that the official chrome extension of file sharing site, steals usernames and passwords from various sites and also private keys for cryptocurrency accounts.

According to an analysis of the extension's source, the malicious code triggered on sites such as Amazon, Google, Microsoft, GitHub, the MyEtherWallet and MyMonero web wallet services, and the IDEX cryptocurrency trading platform.

The malicious code records all the necessary details for login i.e. Username and password or cookies etc.. Moreover it also grab private keys of cryptocurrency wallets, if users visit one of there Crypto wallet accounts.

All the collected data were send to a server located at megaopac[.]host, hosted in Ukraine.

At the mean time Google had removed the extension from Chrome store but if you like to get and check it then you can get from dropbox link.
At the same time, Firefox addon of the is clear and no such behavior found. 

Mega and Google, both of them is yet to comment on this. 

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.