MEGA Chrome Extension was Hijacked

Do you have Chrome’s extension MEGA file storage service?! It might be in your best interest to uninstall it right now.

MEGA is Chrome’s official extension cloud storage service.

Yesterday, September 4th, an unknown hacker was able to crack into MEGA’s Google Chrome web store account and uploaded a malicious version 3.39.4 of an extension to the web store.

The hacker compromised the storage service and replaced it with malware that can steal users’ credentials for popular websites like Amazon, Microsoft, Github, and Google.  Private keys for users’ cryptocurrency could also be stolen.

Trojanized MEGA

If you installed infected MEGA or if it auto-updated to 3.39.4, the malware would ask for permissions to access personal information.

“You are only affected if you had the MEGA Chrome extension installed at the time of the incident, autoupdate enabled, and you accepted the additional permission, or if you freshly installed version 3.39.4,” the company warned.

From there, the trojanized MEGA will then send back all stolen information to the hacker’s server which is located at in Ukraine.  The hacker will use these logins to get into users’ accounts as well as steal digital currencies from cryptocurrency wallets.

MEGA 3.39.5

Four hours after the malicious version was released, the company noticed and updated the extension with a clean MEGA version 3.39.5 auto-updating all the affected installations.

Google removed the MEGA extension from the Chrome Web Store five hours after the incident.  Users were notified that it would be best to change their credentials of websites and applications they visited with trojanized MEGA Chrome extension was active.

So be sure to update your MEGA extension to the 3.39.5 version and change your passwords!  A hacker can do a lot of damage with this malicious spyware. Don’t be a victim! Share this post so others around you can also secure their digital lives.

  • 16