Monero Cautions Vulnerability in MEGA Chrome
The team behind Monero (XMR), a cryptocurrency focused on privacy and anonymity, has cautioned users that the recently published MEGA Chrome extension has been compromised, leaving Monero tokens and other private data vulnerable to pilferage.
The MEGA Chrome (version 3.39.4) offers improved browsing experience, while reducing the loading time of web pages. It also offers a cloud storage system, but leaves the cryptocurrency exposed to hackers. Both Monero and users who have been compromised have announced the vulnerability.
A Reddit user has claimed that the updated version behaves in a suspicious manner.
Chrome Webstore has removed the extension after reports about compromised systems surfaced on the internet. Presently, the download link shows a 404 error.
PSA: The official MEGA extension has been compromised and now includes functionality to steal your Monero: https://t.co/vzWwcM9E5k
— Monero || #xmr (@monero) September 4, 2018
Hackers often target Monero because of the privacy features it offers. A few months before, over 200,000 routers were exploited by a cryptojacking incident targeting Monero. Furthermore, there have been several reports of malicious malware using unauthorized computing power to mine Monero. The cryptocurrency is often the choice of hackers because of its proof-of-work consensus algorithm, CryptoNight, designed to run smoothly on consumer CPUs.