Mega bad day.

Chrome extension hack leads to cryptocurrency heist πŸ˜±πŸ’»πŸ’ΈπŸ’Έ1 min


Extensions for your browser are cool.
Such cool gadgets are in reality programs that run autonomously.
So if you have tons of not updated extensions, you risk getting hacked.

MEGA is a cloud storage service with a focus on Privacy. They have all sort of apps, and of course, handy Chrome extensions.

A Hacker managed to hack into MEGA's Google Chrome web store account and upload a malicious version. Upon installation or auto-update, the malicious extension asked for elevated permissions to access personal information, allowing it to steal login/register credentials from ANY websites like Amazon, Github, and Google, along with online wallets such as MyEtherWallet and MyMonero, and cryptocurrency trading platform.

The Hacker received all this info on his website megaopac[.]host and cashed in all stolen cryptocurrencies.

Remember always make sure that you need an extension, and if it is asking for more information than usual, be suspicious!

You can read the details of how this was discovered here.
great cath /u/gattacus and  @serhack_ 

Photo by Kari Shea on Unsplash.
The rest we beautified βš‘οΈβ€οΈπŸŒˆπŸ’©.

Like it? Share with your friends!


Internet McNulty. Creating to make Cyber Security for everyone.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Choose A Format
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Voting to make decisions or determine opinions
Formatted Text with Embeds and Visuals
The Classic Internet Listicles
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Upload your own images to make custom memes
Youtube, Vimeo or Vine Embeds
Soundcloud or Mixcloud Embeds
Photo or GIF
GIF format
Send this to a friend