MEGA, the official extension of the popular file exchange, for the Google's Chrome browser was compromised. It can steal logins and passwords of popular websites and services.

Reddit users and IT engineers revealed a vulnerability in the MEGA extension for the Chrome browser. The add-in was able to steal logins and passwords of services such as Google, Facebook, MyEtherWallet, MyMonero, GitHub, Microsoft Live / OneDrive. Among them are services for cryptocurrency storage and the decentralized crypto exchange IDEX. This means that, using the MEGA extension, attackers could steal not only logins and passwords, but private keys and transfer cryptocurrency assets to their accounts.

Scammers managed to replace the MEGA code with a compromised version under the number 3.39.4, which allows stealing of logins and passwords. This was checked by one of Monero's developers Ricardo Spagny, who confirmed in Twitter that a compromised version of MEGA could steal private keys if a user enters MyMonero or MyEtherWallet through a browser.


The MEGA extension is one of the most popular add-ins for the Chrome browser. It was downloaded tens of millions of times. It is worth noting that the MEGA extension for another browser, Firefox, remains uncompromised.

The VPN extension of Hola was compromised in July using the similar method.