The Chrome extension for MEGA.nz, a file sharing service, has been hosting a malicious code that was able to extract usernames, passwords, and private keys for cryptocurrency wallets, ZDNet reports. The problem was discovered in the source code of the MEGA.nz official Chrome extension. MEGA.nz released an update on Tuesday.
Analysts found that the malicious code became active on websites like Google (NASDAQ:GOOGL), Microsoft (NASDAQ:MSFT), Amazon (NASDAQ:AMZN), and GitHub among others. It also triggered on cryptocurrency wallets such as MyEtherWallet and MyMonero, and on the IDEX crypto exchange platform.
The compromised code could record usernames and passwords, thus allowing hackers to enter the accounts on behalf of the users. If the site supported a cryptocurrency like Bitcoin, the attackers w...
This article appeared first on Cryptovest