MEGA is under attack. The Google chrome extension is popular with users for uploading and sharing files over the internet. This is another incident in a string of cryptocurrency threats that are escalating especially as the invention gets traction. Users took to Twitter to air their concerns about suspicious activity on the chrome extension.

The cryptocurrency threats focus on user data

The activity involved a malicious code that steals login details and cryptocurrency keys. The code, when activated, harvests user data for platforms like Amazon, Github, Google and Microsoft. Also affected are cryptocurrency wallets like MyEtherWallet (MEW), MyMonero, and IDEX. The version 3.39.4 of the extension of the file sharing service was immediately popular on social media. Users explained how the hack takes place.

In acknowledgement, the Mega team wrote a blogpost warning users of the “trojaned version of MEGA’s Chrome extension.” In part, the post reads:

“On 4 September 2018 at 14:30 UTC, an unknown attacker uploaded a trojaned version of MEGA’s Chrome extension, version 3.39.4, to the Google Chrome webstore. You are only affected if you had the MEGA Chrome extension installed at the time of the incident, auto update enabled and you accepted the additional permission, or if you freshly installed version 3.39.4.”

Blame falls on Google

Further, the MEGA post implies that the hackers infected a Google account with malware. The post goes on to detail that through the hacked account, the hackers “pushed” an update containing the “cryptocurrency-stealing malware.” The MEGA team traces the stolen data to a server in Ukraine.

A clean version 3.39.5 of the extension is now available from The New Zealand firm urges its users to uninstall the old version and install the new one that is clean. On the other hand, the MEGA extension is no longer available in Chrome’s webstore.

Security experts are warning that such cryptocurrency threats are going to increase. In January, The Next Web made public a hack that targeted MyEtherWallet (MEW) users. The tricksters uploaded a fake up on Google Play containing dodgy private keys. More than 200 ETH was lost in the attack.