ESET, a leading proactive threat detection company, warns of an alteration of a MEGA extension, the cloud storage service, which can Capture user names and passwords that are used to access services, such as Google, Live.com, Amazon, Microsoft, Github, myetherwallet.com, mymonero.com or idex. market.
The mega company reported that an unknown attacker went up on September 4 to the Web Store of Chrome A version troyanizada of the extension 3.39.4 of mega for the navigated chrome. Although the extension has already been removed by Google from the store, it is recommended to all those who have downloaded it in the last time to remove it and download the new legitimate version that uploaded MEGA (3.39.5). The discovery was realized by the investigator in Security SerHack, who said that they are more than one million and means the users affected.
As explained from MEGA, once updated or installed the altered extension, it requests elevated permissions, which the true extension never asks. If granted, this allows the attacker to monitor and steal the keys used to access the accounts of the various services and also their wallets criptocoins, as all information is sent to a server hosted in Ukraine.
“Those who have installed the extension, in addition to eliminating it immediately, from ESET recommend modifying the access codes, especially those in which there is information on bank accounts.” said Camilo Gutierrez, head of the laboratory of ESET Latin America.