Mega bad day.

Chrome extension hack leads to cryptocurrency heist πŸ˜±πŸ’»πŸ’ΈπŸ’Έ1 min

Extensions for your browser are cool.
Such cool gadgets are in reality programs that run autonomously.
So if you have tons of not updated extensions, you risk getting hacked.

MEGA is a cloud storage service with a focus on Privacy. They have all sort of apps, and of course, handy Chrome extensions.

A Hacker managed to hack into MEGA's Google Chrome web store account and upload a malicious version. Upon installation or auto-update, the malicious extension asked for elevated permissions to access personal information, allowing it to steal login/register credentials from ANY websites like Amazon, Github, and Google, along with online wallets such as MyEtherWallet and MyMonero, and cryptocurrency trading platform.

The Hacker received all this info on his website megaopac[.]host and cashed in all stolen cryptocurrencies.

Remember always make sure that you need an extension, and if it is asking for more information than usual, be suspicious!

You can read the details of how this was discovered here.
great cath /u/gattacus and  @serhack_ 

Photo by Kari Shea on Unsplash.
The rest we beautified βš‘οΈβ€οΈπŸŒˆπŸ’©.


Like it? Share with your friends!

Choose A Format
Personality quiz
Series of questions that intends to reveal something about the personality
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Voting to make decisions or determine opinions
Formatted Text with Embeds and Visuals
The Classic Internet Listicles
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Upload your own images to make custom memes
Youtube, Vimeo or Vine Embeds
Soundcloud or Mixcloud Embeds
Photo or GIF
GIF format