STORY DEVELOPING - UPDATES TO COMEIf you use the official MEGA Chrome extension, please stop using it immediately. It includes functionality to collect login usernames and passwords for many common websites, including but not limited to:GoogleFacebookMyEtherWalletMyMoneroGitHubMicrosoft Live/OneDriveAll data is being sent to hxxxs://www.megaopac dot host/Impacts version: 3.39.4Remediation: uninstall immediately, change important passwords, transfer funds from possible compromised accountsThe MEGA Chrome extension source code has not been updates in four months, suggesting that the account responsible with updating the version given to Google was compromised.More information:https://np.reddit.com/r/Monero/comments/9cx7cc/dont_use_mega_chrome_extension_version_3394/https://twitter.com/monero/status/1037028428476760064https://twitter.com/serhack_/status/1037026672787304450https://twitter.com/find_evil/status/1037037637842944002
Submitted September 05, 2018 at 01:01AM
No comments:
Post a Comment