Monero Warns of MEGA Chrome Extension Vulnerability

3 min read
Elite CurrenSea

Elite CurrenSea

Forex broker

The developers behind Monero (XMR) warned its users that a recent MEGA Chrome extension featured a very serious vulnerability which can enable hackers to steal Monero tokens and other sensitive data.

The MEGA Chrome extension has been found to be compromised, which can allow an attacker to steal a user’s Monero as well as other important data Amazon, Live.com, Github.com, and Google’s webstore, according to posts made by Twitter and Reddit users.

The MEGA Chrome (version 3.39.4) claims to offer an improved browsing experience by reducing the loading time of web pages. It also features a cloud storage system, which claims to be secure but now it has been found out it is vulnerable to attacks. Both Monero and the users that have noticed the vulnerability have posted online about it.

A Reddit user pointed out that the updated version was manifesting in a suspicious behavior.

“There was an update to the extension and Chrome asked for new permission (read data on all websites). That made me suspicious and I checked the extension code locally (which is mostly javascript anyways). MEGA also has the source code of the extension on github… There was no commit recently. To me it looks either their Google Webstore account was hacked or someone inside MEGA did this. Pure speculation though.”

Chrome Webstore has since taken down the extension after the vulnerability surfaced on the internet. Momentarily, the download link displays a 404 error.

“PSA: The official MEGA extension has been compromised and now includes functionality to steal your Monero: https://www.reddit.com/r/Monero/comments/9cx7cc/dont_use_mega_chrome_extension_version_3394/ …”

Monero is often targeted by hackers due to the privacy features it presents. A few months prior to this event, more than 200,000 routers were compromised by a cryptojacking case which targeted Monero. There have also been various reports of malevolent malware by stealing computing power for mining Monero coins.

The crypto coin is often targeted by hackers due to its proof-of-work consensus algorithm, CryptoNight, which was developed to work seamlessly on consumer CPUs.

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of