CCN reported Google’s Chrome browser extension for upload and sharing service Mega was compromised by hackers seeking login credentials and cryptocurrency keys. Google removed the extension from its Chrome Web Store for now.
Researcher SerHack warned in a tweet Tuesday that version 3.39.4 of the extension was hacked and thieves could have stolen information including usernames and passwords from a number of platforms including Amazon, Github, Google and Microsoft.
!!! WARNING !!!!!!! PLEASE PAY ATTENTION!!
LATEST VERSION OF MEGA CHROME EXTENSION WAS HACKED.
— SerHack (@serhack_) September 4, 2018
Mega acknowledged the hack in a statement but also blamed Google for removing its ability to sign extensions, making it easier for such incidents to take place. According to CCN, there’s no evidence of tampering on Mega’s Firefox browser extension. Read more here.