Bitcoin Forum
November 07, 2024, 12:13:44 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Hackers Breach MEGA Chrome Extension To Steal Crypto Private Keys  (Read 290 times)
peter0425 (OP)
Sr. Member
****
Offline Offline

Activity: 2828
Merit: 458


Vave.com - Crypto Casino


View Profile
September 05, 2018, 07:18:04 AM
Merited by Herbert2020 (1)
 #1

Quote
MEGA Falls Victim To Cybersecurity Breach

On Tuesday morning, concerned individuals across the web took to social media to reveal that malicious code had taken the place of MEGA’s chrome extension, which has been downloaded tens of millions of times across the globe. Some claimed that the updated code allowed the extension to gather sensitive data from popular websites across the internet.

At first, many believed that this hack only affected popular websites, like Google and Facebook, but upon further analysis, cybersecurity experts noted that the updated MEGA extension could grab sensitive data from crypto-related sites as well.

Ricardo Spagni, a well-known Monero developer, backed up this claim, telling his followers that Monero and Ethereum private keys could be stolen via the combination of MEGA Chrome (version)

https://www.newsbtc.com/2018/09/05/hackers-breach-mega-chrome-extension-to-steal-crypto-private-keys/

A not so friendly news to hear. I don't used MEGA Chrome extension, but I just want to give everyone a fair warning about a recent hack. Also mentioned in the articles are Amazon, Google, Microsoft, Github, MyEtherWallet, MyMonero, And IDEX were all affected. So stay safe everyone.

manwithsuit909
Newbie
*
Offline Offline

Activity: 98
Merit: 0


View Profile
September 05, 2018, 07:20:02 AM
 #2

Quote

MEGA Falls Victim To Cybersecurity Breach

On Tuesday morning, concerned individuals across the web took to social media to reveal that malicious code had taken the place of MEGA’s chrome extension, which has been downloaded tens of millions of times across the globe. Some claimed that the updated code allowed the extension to gather sensitive data from popular websites across the internet.

At first, many believed that this hack only affected popular websites, like Google and Facebook, but upon further analysis, cybersecurity experts noted that the updated MEGA extension could grab sensitive data from crypto-related sites as well.

Ricardo Spagni, a well-known Monero developer, backed up this claim, telling his followers that Monero and Ethereum private keys could be stolen via the combination of MEGA Chrome (version)

https://www.newsbtc.com/2018/09/05/hackers-breach-mega-chrome-extension-to-steal-crypto-private-keys/

A not so friendly news to hear. I don't used MEGA Chrome extension, but I just want to give everyone a fair warning about a recent hack. Also mentioned in the articles are Amazon, Google, Microsoft, Github, MyEtherWallet, MyMonero, And IDEX were all affected. So stay safe everyone.

thanks for the information  Smiley
btccrusher
Member
**
Offline Offline

Activity: 742
Merit: 12


View Profile WWW
September 05, 2018, 07:24:25 AM
 #3

Thanks for your information. But I don't get the point, why people use such plugin/software for maintaining their valuable coins? It's not just a coin, it's your money. So, people should use only reputable software and take extra caution on using it. I prefer using metamask as it is the most secured extension till now. Stay safe everyone.
peter0425 (OP)
Sr. Member
****
Offline Offline

Activity: 2828
Merit: 458


Vave.com - Crypto Casino


View Profile
September 05, 2018, 07:52:07 AM
 #4

Thanks for your information. But I don't get the point, why people use such plugin/software for maintaining their valuable coins? It's not just a coin, it's your money. So, people should use only reputable software and take extra caution on using it. I prefer using metamask as it is the most secured extension till now. Stay safe everyone.
I guess one reason is that it makes our lives much easier with this crypto or browser extension. I think it ballooned when many websites started integrating cryptocurrency mining to their code. I'm sure you know what I'm talking about. I have been a victim of such malicious attacks as well. And now hackers are turning to exploit by attacking another form of software plugins that we usually used. Yes, I also used metamask and so far its good. Perhaps this is the downside of using extensions, so I advise, everyone to really take every precautions specially users of MEGA Chrome.

ccsang
Full Member
***
Offline Offline

Activity: 910
Merit: 103


View Profile
September 05, 2018, 08:35:03 AM
 #5

I just heard this news from Reddit Mega Thread
https://www.reddit.com/r/CryptoCurrency/comments/9cy4e4/the_mega_chrome_extension_has_been_compromised/
MEGA Chrome extension has been compromised and includes functionality to steal our cryptocurrency, I don't used Mega Extension too, I won't install any chrome extension except antivirus because I'm very careful my mew account, won't let anything have the chance to steal my data, always double check security before login my important account
tuthienloc92bk
Member
**
Offline Offline

Activity: 364
Merit: 34

Fast, Smart, Trustworthy


View Profile
September 05, 2018, 10:08:04 AM
 #6

I don't use MEGA extension too. But beware with the extensions. Last month, Hola was also detected to steal the private keys.
liripoop
Newbie
*
Offline Offline

Activity: 232
Merit: 0


View Profile
September 07, 2018, 07:31:00 PM
 #7

Investors should do best to secure their coin as well as investment and to secure the investment, they need to use reputed and famous software. To use any general software can lead to serious loss and so investor should not use such software.
listoncrypto
Newbie
*
Offline Offline

Activity: 252
Merit: 0


View Profile
September 08, 2018, 01:03:06 PM
 #8

This is really wired. How can people use such general software for keeping their valuable coins as well as money? This is not only a coin but also your money and so people should use reliable software for maintaining their coins.
kingzpro
Member
**
Offline Offline

Activity: 756
Merit: 13

DIFX - Digital Finacial Exchange


View Profile
September 08, 2018, 05:11:14 PM
 #9

That is not cool, i think google chrome should act more vigilant and provide the required security otherwise it should deactivate allthese extensions, really sad to hear about the stealing of the private keys that means people have lost all their portfolio.

thaoni23
Newbie
*
Offline Offline

Activity: 71
Merit: 0


View Profile
September 08, 2018, 05:17:40 PM
 #10

I think we should be careful when adding an extension on our browser. Because they have poor security and are vulnerable to hackers and attackers mysteriously
Nshan0102
Jr. Member
*
Offline Offline

Activity: 98
Merit: 3


View Profile WWW
September 08, 2018, 05:38:47 PM
 #11

https://www.newsbtc.com/2018/09/05/hackers-breach-mega-chrome-extension-to-steal-crypto-private-keys/

A not so friendly news to hear. I don't used MEGA Chrome extension, but I just want to give everyone a fair warning about a recent hack. Also mentioned in the articles are Amazon, Google, Microsoft, Github, MyEtherWallet, MyMonero, And IDEX were all affected. So stay safe everyone.

You have done a pretty good job by posting about it. I have never used MEGA and I don't use Chrome already 8 years. I know that huge of people will not agree with me but chrome is unsafe and it has many adds and etc. I'm using OPERA browser and I have never got hacked because opera team is doing his best to keep his browser clear and safe. But it would be nice to read conditions untill installing something and then dicide do you want it or no.
coyote50
Full Member
***
Offline Offline

Activity: 336
Merit: 100


View Profile WWW
September 08, 2018, 05:43:00 PM
 #12

just one more reason to use a hardware wallet. i'll never use browser extensions if i can avoid it to access my crypto
BumblingBee
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
September 08, 2018, 06:02:28 PM
 #13

It is ridiculous that people are using a mere plugin to secure the coins that are price of thousand dollars. The information is very helpful for the users who haven’t used it or installed it yet. Every user should use strong protecting softwares that can protect your coins.
SoliDCoiNs777
Newbie
*
Offline Offline

Activity: 112
Merit: 0


View Profile
September 08, 2018, 07:08:52 PM
 #14

User should have some common sense before using an ordinary extension to save their costly coins in the wallet. These types of extensions are very easy to hack and steal the coins from these extensions. So user must be very cautious about their coin’s security.
rabia_laskor
Newbie
*
Offline Offline

Activity: 168
Merit: 0


View Profile WWW
September 11, 2018, 01:20:07 AM
 #15

Very sad news. without using verified extension this might happen. Everyone should take a lesson from this news and be extra careful using of any extension or related things.
AlisaWhishie
Member
**
Offline Offline

Activity: 322
Merit: 20


View Profile WWW
September 11, 2018, 01:23:37 AM
 #16

Very sad news. without using verified extension this might happen. Everyone should take a lesson from this news and be extra careful using of any extension or related things.

What do you mean by verified? It was official extention released by Mega team, so the only way to be safe with extentions is to delete them from all of your browsers. And that's exactly what I did after I read these news.

juljon18
Full Member
***
Offline Offline

Activity: 336
Merit: 100


View Profile
September 11, 2018, 03:59:06 AM
 #17

Jesus that's actually fairly disturbing news.  I think it's probably time to get a hardware wallet after this.  I have been putting it off but it's looking like we are under attack more and more each day.  How will grandma and grandpa survive this?
coyote50
Full Member
***
Offline Offline

Activity: 336
Merit: 100


View Profile WWW
September 11, 2018, 04:07:18 AM
 #18

Jesus that's actually fairly disturbing news.  I think it's probably time to get a hardware wallet after this.  I have been putting it off but it's looking like we are under attack more and more each day.  How will grandma and grandpa survive this?

whenever somebody asks me to teach them about investing in crypto, i tell them step 1 is opsec basics and buying hardware wallet, before buying a serious amount of crypto
UAE Seasider
Full Member
***
Offline Offline

Activity: 700
Merit: 110

Helios Protocol https://discord.gg/cpzAEMB


View Profile
September 11, 2018, 04:13:32 AM
 #19

You should never trust anyone else with the security of your crypto, don't keep it on an exchange and make sure you have an extremely secure password, that is stored under lock and key so people cannot guess it and you have a backup if you forget it. I have never been a fan of 3rd party security addins to browsers.

HELIOS PROTOCOL ★ ✅[DAG]✅[BLOCKCHAIN]✅[PoS]✅[Masternodes] ✈✈✈[weekly Airdrop][join our discord to qualify]✈✈✈
 ▬▬  Mainnet Launched  |  Parallel Blockchain  ▬▬ 
 ▐▐▐▐▐▐▐▐ Website  |  Github  |  Bitcointalk  |  Bounties  |Discord  |  telegram▐▐▐▐▐▐▐▐
irsada
Full Member
***
Offline Offline

Activity: 994
Merit: 117


View Profile
September 11, 2018, 04:42:14 AM
 #20

Quote
MEGA Falls Victim To Cybersecurity Breach

On Tuesday morning, concerned individuals across the web took to social media to reveal that malicious code had taken the place of MEGA’s chrome extension, which has been downloaded tens of millions of times across the globe. Some claimed that the updated code allowed the extension to gather sensitive data from popular websites across the internet.

At first, many believed that this hack only affected popular websites, like Google and Facebook, but upon further analysis, cybersecurity experts noted that the updated MEGA extension could grab sensitive data from crypto-related sites as well.

Ricardo Spagni, a well-known Monero developer, backed up this claim, telling his followers that Monero and Ethereum private keys could be stolen via the combination of MEGA Chrome (version)

https://www.newsbtc.com/2018/09/05/hackers-breach-mega-chrome-extension-to-steal-crypto-private-keys/

A not so friendly news to hear. I don't used MEGA Chrome extension, but I just want to give everyone a fair warning about a recent hack. Also mentioned in the articles are Amazon, Google, Microsoft, Github, MyEtherWallet, MyMonero, And IDEX were all affected. So stay safe everyone.

thanks for the information.
there are many ways people take things that are not their rights....
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!