Author Topic: mega.nz official Chrome extension compromised, stealing passwords and keys (Read 2791 times)

Pecon · September 06, 2018, 12:35:42 PM

The official mega.nz Chrome extension was compromised and updated maliciously to steal user's passwords to various online services including Google, Amazon, Microsoft, Github, and various cryptocurrency wallets. The extension has already been removed and disabled, but if you had it installed any time in the past few days you should immediately change your passwords for all the affected services. The Firefox extension was not impacted.

Quote

Unfortunately, Google decided to disallow publisher signatures on Chrome extensions and is now relying solely on signing them automatically after upload to the Chrome webstore, which removes an important barrier to external compromise. MEGAsync and our Firefox extension are signed and hosted by us and could therefore not have fallen victim to this attack vector. While our mobile apps are hosted by Apple/Google/Microsoft, they are cryptographically signed by us and therefore immune as well.

https://www.zdnet.com/article/mega-nz-chrome-extension-caught-stealing-passwords-cryptocurrency-private-keys/
https://thehackernews.com/2018/09/mega-file-upload-chrome-extension.html

Ad Bot · Advertisement

Electrk.. · September 06, 2018, 12:43:39 PM

stop using chrome

K3k0m@n · September 06, 2018, 12:53:00 PM

Quote from: Electrk.. on September 06, 2018, 12:43:39 PM

stop using chrome

never

Insert Name Here� · September 06, 2018, 12:53:39 PM

Quote from: Electrk.. on September 06, 2018, 12:43:39 PM

stop using chrome

YouKnowWhoAgain · September 06, 2018, 12:54:45 PM

Quote from: Electrk.. on September 06, 2018, 12:43:39 PM

stop using chrome

no

Master Matthew� · September 06, 2018, 01:00:42 PM

Quote from: Electrk.. on September 06, 2018, 12:43:39 PM

stop using chrome

and what, use a browser that takes forever to load anything?

GreenBH� · September 06, 2018, 01:12:30 PM

firefox is great

Electrk.. · September 06, 2018, 01:13:46 PM

Quote from: K3k0m@n on September 06, 2018, 12:53:00 PM

never

Quote from: YouKnowWhoAgain on September 06, 2018, 12:54:45 PM

no

Quote from: Master Matthew� on September 06, 2018, 01:00:42 PM

and what, use a browser that takes forever to load anything?

enjoy your botnet

Kyuande · September 06, 2018, 01:15:12 PM

FireFox is bae

YouKnowWhoAgain · September 06, 2018, 01:21:14 PM

Quote from: Electrk.. on September 06, 2018, 01:13:46 PM

enjoy your botnet

Oh well. But good thing I don't use mega.nz or craptocurrency.

Insert Name Here� · September 06, 2018, 01:22:13 PM

Quote from: Master Matthew� on September 06, 2018, 01:00:42 PM

and what, use a browser that takes forever to load anything?

we didn't say switch to Internet Explorer

I use Opera, snappy (or snappier) than Chrome, modern af UI looks, light weight on ram like FireFox, and you can use certain Chrome extensions on it

PhantOS · September 06, 2018, 01:28:45 PM

"stop using chrome"

>Chrome has nothing to do with this

Pecon · September 06, 2018, 01:35:11 PM

Quote from: PhantOS on September 06, 2018, 01:28:45 PM

"stop using chrome"

>Chrome has nothing to do with this

Read the quoted text. Google isn't allowing developers to self-sign their code, which lead to this happening in the first place.

The Murderous Cop · September 06, 2018, 04:15:14 PM

thank god i use firefox, aka a not stuffty browser

Unova2 · September 06, 2018, 04:28:34 PM

Mega pushes their downloadable clients too much for this stuff to not be expected