![]() Note that mega.nz credentials were not being exfiltrated." "Upon installation or autoupdate, it would ask for elevated permissions (Read and change all your data on the websites you visit) that MEGA's real extension does not require and would (if permissions were granted) exfiltrate credentials for sites including, ,, (for webstore login), , , idex.market and HTTP POST requests to other sites, to a server located in Ukraine. "On 4 September 2018 at 14:30 UTC, an unknown attacker uploaded a trojaned version of MEGA's Chrome extension, version 3.39.4, to the Google Chrome webstore." stated a blog post on this matter at Mega.nz. ![]() In a statement by Mega, the company states that their Chrome web store account was hacked and are looking into what happened. Mega issues a statement regarding hacked extension So this hack obviously has a very large impact.įor those who had this extension installed, you should remove the MEGA extension immediately You should then change your passwords at any accounts, especially financial, shopping, banking, and government institutions, that you may have used. When asked how many users had installed this extension, SerHack told BleepingComputer that there are over 1.6 million affected users. What should you do if you had MEGA installed? ![]() Researchers have also examined the Firefox version of MEGA addon and have concluded that it has not been tampered with. Therefore, this extension was compromised sometime after September 2nd. When installed the extension will monitor for specific login form submissions to Amazon, Microsoft, Github, and Google.Īccording the Chrome extension archive site,, the last version they archived was 3.39.3, which was on September 2nd 2018 and did not include the malicious code. It catches your username and password from Amazon, GitHub, Google, Microsoft portals!! It could catch #mega #extension #hacked /TnPalqj1cz LATEST VERSION OF MEGA CHROME EXTENSION WAS HACKED. !!! WARNING !!!!!!! PLEASE PAY ATTENTION!! Other security researchers quickly jumped into analyzing the extension and reporting their findings. This hack was first discovered by SerHack, a security researcher and contributor to the Monero project, who immediately tweeted a warning that the 3.39.4 version of the MEGA Chrome extension was hacked. Once it was discovered that the extension was replaced with a malicious variant, Google removed the extension from the Chrome Web Store. If you are interested in reserving a computer lab for a class, please complete the Computer Lab Reservation Form.Īcademic departments wishing to reserve an instructional lab for use at times other than regularly scheduled classes can contact the Mega Lab at call 21.Security researchers have discovered that the MEGA Chrome extension had been compromised to steal login credentials and cryptocurrency keys. There are several computer classroom labs available for Academic Department Instructional Use on the 5th floor of the Moody Learning Center (MLC). Please contact Mega Lab staff for additional information. Software applications are updated as new versions become available. Some computers may have special discipline specific software. Please note: The above items do not reflect a complete listing of all available software. (Word, Excel, PowerPoint, Access and more)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |