Google Chrome Browser Extension is being hacked - Share it now to stop propagation....!!!
VARINDIA- INDIA'S FRONTLINE IT MAGAZINE
Warning ! If you are using Chrome browser extension from the MEGA file storage service, uninstall it right now.
The most popular Mega chrome extension is being hacked by an attacker's server located at megaopac host in Ukraine and replaced with a bundle of PUP Malware for Stealing your Security Information
Most of us are popular with the chrome browser and it occupies 59% Browser share world wide with complairsion to other browsers like Internet Explorer, Safari, Firefox and Opera.Google's strong marketing strategy for Chrome certainly contributed (and continues to contribute) to the browser's success. Besides actively stimulating interest in Chrome through marketing, Google's own credibility and reputation passively attract attention to Chrome. Chrome itself famous for its Simplicity and Technologies. Chrome wants the user to focus on the web content without distraction from the browser's UI.
But two days ago, on 4th of September an insightful PUP ( Potentially Unwanted Programs) attack happend to the Mega Chrome Extension globally. Basically the Mega Chrome chrome extension (from Mega.nz) supports file hosting and sharing services, which has been compromised by an attacker who uploaded a malicious version of MEGA's Chrome extension, version 3.39.4, to the Google Chrome web store. This PUP enabled malicious version is capable of stealing users' credentials for popular websites like Amazon, Microsoft, Github, and Google, as well as private keys for user’s cryptocurrency wallets and other bankers Information.
The official Twitter account of Monero (XMR) also posted a warning about the incident, saying that the malicious MEGA extension also includes functionality to steal Monero cryptocurrency and advising Monero holders to stay away from the extension. This hack was first discovered by SerHack, a security researcher and contributor to the Monero project, who immediately tweeted a warning that the 3.39.4 version of the MEGA Chrome extension was hacked. Other security researchers quickly jumped into analyzing the extension and reporting their findings.
Although the company has not revealed the number of users affected by the security incident, it is believed that the malicious version of the MEGA Chrome extension may have been installed by tens of millions of users.
The Firefox version of MEGA has not been impacted or tampered with, and users accessing MEGA through its official website (https://mega.nz) without the Chrome extension are also not affected by the breach.
How it Penetrates :
During installation or auto-update, Mega would ask users to allow additional permission that would allow it to steal credentials from sites like Amazon, Github, and Google, along with online wallets such as MyEtherWallet and MyMonero in a freaky way. If users had accepted the additional permissions or had auto-update enabled the malicious version will get downloaded thus compromising the entire personal information of the users.
According to the researchers, only those users are affected who already had the MEGA Chrome extension installed at the time of the incident, auto update enabled, and they accepted the additional permission, or if users had freshly installed version 3.39.4.
The trojanized Mega extension then sent all the stolen information back to an attacker's server located at megaopac host in Ukraine, which is then used by the attackers to log in to the victims' accounts, and also extract the cryptocurrency private keys to steal users' digital currencies.
The Buttom Line : How to be Safe ???
Comments
Post a Comment