Monero (XMR), Ethereum (ETH), And Other Cryptos Stolen By Hacked MEGA Extension For Google Chrome

An extension for Google Chrome, the renowned Internet browser, using the popular MEGA file-sharing app got hacked a few days ago and leaked private keys, usernames, and passwords of hundreds of cryptocurrencies holders. During this cyber attack, the hackers managed to steal Monero (XMR) and Ethereum (ETH), among others.

A Reddit user going by the name of Gattacus reported on Tuesday, on the Monero (XMR) subreddit, that XMR holders must avoid v3.39.4 of the MEGA extension for Chrome because it might be hacked. He found that out after updating to the new version which asked him to allow the app to “read data on all websites,” fact which aroused some suspicions.

When Gattacus looked into the MEGA extension’s code he discovered a malware that would retrieve users private data every time someone would access one of the following sites:

  • MyMonero.com
  • MyEtherWallet.com
  • IDEX.market
  • Amazon.com
  • Live.com
  • Google.com
  • GitHub.com

Monero (XMR) and Ethereum (ETH) stolen as result of the MEGA extension hack on Google Chrome

According to the reports on this event, the cybercriminals obtained passwords, usernames, private keys, email addresses, and other session data all of which were sent by the malware to server considered to be in Ukraine.

This issue was a severe security flaw on Google Chrome, one of the Internet browsers that is struggling to stop hacking related to cryptocurrency. On the other hand, the MEGA extension for Mozilla Firefox and the official MEGA site were not affected by that malware. In consequence, Google removed the faulty MEGA extension from its Web Store.

Additionally, MEGA admitted that the new v3.39.4 version contained malware and stated that they released a clean MEGA extension variant, v3.39.5.

Unfortunately, this confirms once again that the cybercriminals are increasingly more attracted to the cryptocurrency universe, especially to privacy coins such as Monero (XMR), precisely because these assets promote anonymity of the transactions and holders of the accounts. On the other hand, the MEGA extension hack corroborated with the recent correction in the market caused Monero (XMR) to drop significantly.

Leave a Reply

Your email address will not be published. Required fields are marked *

100% match bonus based on first deposit of £/$/€20+. Additional bonuses.
T&Cs Apply
New players only. Welcome Bonus - 100% bonus on your first deposit up to €/$/£200 Unless otherwise stated. This bonus only applies for deposits of €/$/£10 or higher! All you need to do is just deposit the money in your website.com account and you will receive this bonus instantly!
*New users only