Mega bad day.

Chrome extension hack leads to cryptocurrency heist πŸ˜±πŸ’»πŸ’ΈπŸ’Έ1 min


Extensions for your browser are cool.
Such cool gadgets are in reality programs that run autonomously.
So if you have tons of not updated extensions, you risk getting hacked.

MEGA is a cloud storage service with a focus on Privacy. They have all sort of apps, and of course, handy Chrome extensions.

A Hacker managed to hack into MEGA's Google Chrome web store account and upload a malicious version. Upon installation or auto-update, the malicious extension asked for elevated permissions to access personal information, allowing it to steal login/register credentials from ANY websites like Amazon, Github, and Google, along with online wallets such as MyEtherWallet and MyMonero, and Idex.market cryptocurrency trading platform.

The Hacker received all this info on his website megaopac[.]host and cashed in all stolen cryptocurrencies.

Remember always make sure that you need an extension, and if it is asking for more information than usual, be suspicious!

You can read the details of how this was discovered here.
great cath /u/gattacus and  @serhack_ 

Photo by Kari Shea on Unsplash.
The rest we beautified βš‘οΈβ€οΈπŸŒˆπŸ’©.

Advertisements

Like it? Share with your friends!

0
Choose A Format
Personality quiz
Series of questions that intends to reveal something about the personality
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Poll
Voting to make decisions or determine opinions
Story
Formatted Text with Embeds and Visuals
List
The Classic Internet Listicles
Countdown
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Meme
Upload your own images to make custom memes
Video
Youtube, Vimeo or Vine Embeds
Audio
Soundcloud or Mixcloud Embeds
Image
Photo or GIF
Gif
GIF format